From 39efd83a6a8ae2f7dac7cf3608520afa7455de05 Mon Sep 17 00:00:00 2001 From: Tianyi Wang Date: Wed, 10 Jan 2024 15:59:11 -0500 Subject: [PATCH 01/20] Add accountID into identity resolving --- aws/credentials.go | 3 ++ config/env_config.go | 3 ++ config/env_config_test.go | 11 +++++ config/shared_config.go | 3 ++ config/shared_config_test.go | 13 ++++++ config/testdata/shared_config | 5 +++ .../endpointcreds/internal/client/client.go | 1 + credentials/endpointcreds/provider.go | 1 + credentials/endpointcreds/provider_test.go | 6 ++- credentials/processcreds/provider.go | 4 ++ credentials/processcreds/provider_test.go | 18 ++++++++ .../processcreds/testdata/accountid.json | 6 +++ .../ssocreds/sso_credentials_provider.go | 1 + .../ssocreds/sso_credentials_provider_test.go | 2 + credentials/stscreds/assume_role_provider.go | 7 +++ .../stscreds/assume_role_provider_test.go | 6 +++ credentials/stscreds/web_identity_provider.go | 15 +++++++ .../stscreds/web_identity_provider_test.go | 44 +++++++++++++++++++ 18 files changed, 148 insertions(+), 1 deletion(-) create mode 100644 credentials/processcreds/testdata/accountid.json diff --git a/aws/credentials.go b/aws/credentials.go index 714d4ad85cb..a8d58ff460e 100644 --- a/aws/credentials.go +++ b/aws/credentials.go @@ -90,6 +90,9 @@ type Credentials struct { // The time the credentials will expire at. Should be ignored if CanExpire // is false. Expires time.Time + + // AWS Account ID resolved from identity and used for optional endpoint2.0 routing + AccountID string } // Expired returns if the credentials have expired. diff --git a/config/env_config.go b/config/env_config.go index 88550198cce..d160cb34576 100644 --- a/config/env_config.go +++ b/config/env_config.go @@ -80,6 +80,8 @@ const ( awsRequestMinCompressionSizeBytes = "AWS_REQUEST_MIN_COMPRESSION_SIZE_BYTES" awsS3DisableExpressSessionAuthEnv = "AWS_S3_DISABLE_EXPRESS_SESSION_AUTH" + + awsAccountID = "AWS_ACCOUNT_ID" ) var ( @@ -309,6 +311,7 @@ func NewEnvConfig() (EnvConfig, error) { setStringFromEnvVal(&creds.AccessKeyID, credAccessEnvKeys) setStringFromEnvVal(&creds.SecretAccessKey, credSecretEnvKeys) if creds.HasKeys() { + creds.AccountID = os.Getenv(awsAccountID) creds.SessionToken = os.Getenv(awsSessionTokenEnvVar) cfg.Credentials = creds } diff --git a/config/env_config_test.go b/config/env_config_test.go index bf874552b4b..37f2c8d21d9 100644 --- a/config/env_config_test.go +++ b/config/env_config_test.go @@ -81,6 +81,17 @@ func TestNewEnvConfig_Creds(t *testing.T) { Source: CredentialsSourceName, }, }, + { + Env: map[string]string{ + "AWS_ACCESS_KEY_ID": "AKID", + "AWS_SECRET_ACCESS_KEY": "SECRET", + "AWS_ACCOUNT_ID": "012345678901", + }, + Val: aws.Credentials{ + AccessKeyID: "AKID", SecretAccessKey: "SECRET", AccountID: "012345678901", + Source: CredentialsSourceName, + }, + }, } for i, c := range cases { diff --git a/config/shared_config.go b/config/shared_config.go index c546cb7d0f5..0d4f570b721 100644 --- a/config/shared_config.go +++ b/config/shared_config.go @@ -115,6 +115,8 @@ const ( requestMinCompressionSizeBytes = "request_min_compression_size_bytes" s3DisableExpressSessionAuthKey = "s3_disable_express_session_auth" + + accountID = "aws_account_id" ) // defaultSharedConfigProfile allows for swapping the default profile for testing @@ -1130,6 +1132,7 @@ func (c *SharedConfig) setFromIniSection(profile string, section ini.Section) er SecretAccessKey: section.String(secretAccessKey), SessionToken: section.String(sessionTokenKey), Source: fmt.Sprintf("SharedConfigCredentials: %s", section.SourceFile[accessKeyIDKey]), + AccountID: section.String(accountID), } if creds.HasKeys() { diff --git a/config/shared_config_test.go b/config/shared_config_test.go index 4bf531b0f85..07881bf7c73 100644 --- a/config/shared_config_test.go +++ b/config/shared_config_test.go @@ -730,6 +730,19 @@ func TestNewSharedConfig(t *testing.T) { }, }, }, + "profile with aws account ID": { + ConfigFilenames: []string{testConfigFilename}, + Profile: "account_id", + Expected: SharedConfig{ + Profile: "account_id", + Credentials: aws.Credentials{ + AccessKeyID: "account_id_akid", + SecretAccessKey: "account_id_secret", + Source: fmt.Sprintf("SharedConfigCredentials: %s", testConfigFilename), + AccountID: "012345678901", + }, + }, + }, } for name, c := range cases { diff --git a/config/testdata/shared_config b/config/testdata/shared_config index ba5f80644e5..6d765890514 100644 --- a/config/testdata/shared_config +++ b/config/testdata/shared_config @@ -317,3 +317,8 @@ s3 = other = foo ec2 = endpoint_url = http://127.0.0.1:81 + +[profile account_id] +aws_access_key_id = account_id_akid +aws_secret_access_key = account_id_secret +aws_account_id = 012345678901 diff --git a/credentials/endpointcreds/internal/client/client.go b/credentials/endpointcreds/internal/client/client.go index 9a869f89547..dc291c97cd7 100644 --- a/credentials/endpointcreds/internal/client/client.go +++ b/credentials/endpointcreds/internal/client/client.go @@ -128,6 +128,7 @@ type GetCredentialsOutput struct { AccessKeyID string SecretAccessKey string Token string + AccountID string } // EndpointError is an error returned from the endpoint service diff --git a/credentials/endpointcreds/provider.go b/credentials/endpointcreds/provider.go index 0c3c4d68266..2386153a9ec 100644 --- a/credentials/endpointcreds/provider.go +++ b/credentials/endpointcreds/provider.go @@ -152,6 +152,7 @@ func (p *Provider) Retrieve(ctx context.Context) (aws.Credentials, error) { SecretAccessKey: resp.SecretAccessKey, SessionToken: resp.Token, Source: ProviderName, + AccountID: resp.AccountID, } if resp.Expiration != nil { diff --git a/credentials/endpointcreds/provider_test.go b/credentials/endpointcreds/provider_test.go index 43a3451cc93..0bc4cc6a306 100644 --- a/credentials/endpointcreds/provider_test.go +++ b/credentials/endpointcreds/provider_test.go @@ -79,7 +79,8 @@ func TestRetrieveStaticCredentials(t *testing.T) { StatusCode: 200, Body: ioutil.NopCloser(bytes.NewReader([]byte(`{ "AccessKeyID": "AKID", - "SecretAccessKey": "SECRET" + "SecretAccessKey": "SECRET", + "AccountID": "012345678901" }`))), }, nil }) @@ -96,6 +97,9 @@ func TestRetrieveStaticCredentials(t *testing.T) { if e, a := "SECRET", creds.SecretAccessKey; e != a { t.Errorf("expect %v, got %v", e, a) } + if e, a := "012345678901", creds.AccountID; e != a { + t.Errorf("expect account ID to be %v, got %v", e, a) + } if v := creds.SessionToken; len(v) != 0 { t.Errorf("expect empty, got %v", v) } diff --git a/credentials/processcreds/provider.go b/credentials/processcreds/provider.go index fe9345e287c..6d758720d39 100644 --- a/credentials/processcreds/provider.go +++ b/credentials/processcreds/provider.go @@ -167,6 +167,9 @@ type CredentialProcessResponse struct { // The date on which the current credentials expire. Expiration *time.Time + + // The aws account ID for this op and could be used for endpoint2.0 routing + AccountID string `json:"AccountId"` } // Retrieve executes the credential process command and returns the @@ -208,6 +211,7 @@ func (p *Provider) Retrieve(ctx context.Context) (aws.Credentials, error) { AccessKeyID: resp.AccessKeyID, SecretAccessKey: resp.SecretAccessKey, SessionToken: resp.SessionToken, + AccountID: resp.AccountID, } // Handle expiration diff --git a/credentials/processcreds/provider_test.go b/credentials/processcreds/provider_test.go index 5678af0dde8..f3277c02f02 100644 --- a/credentials/processcreds/provider_test.go +++ b/credentials/processcreds/provider_test.go @@ -142,6 +142,7 @@ type credentialTest struct { AccessKeyID string `json:"AccessKeyId"` SecretAccessKey string Expiration string + AccountID string `json:"AccountId"` } func TestProviderStatic(t *testing.T) { @@ -330,6 +331,23 @@ func BenchmarkProcessProvider(b *testing.B) { } } +func TestProviderWithAccountID(t *testing.T) { + provider := NewProvider( + fmt.Sprintf( + "%s %s", + getOSCat(), + filepath.Join("testdata", "accountid.json"), + )) + v, err := provider.Retrieve(context.Background()) + if err != nil { + t.Errorf("expected %v, got %v", "no error", err) + } + + if e, a := "012345678901", v.AccountID; e != a { + t.Errorf("expect retrieved accountID to be %v, got %v", e, a) + } +} + func getOSCat() string { if runtime.GOOS == "windows" { return "type" diff --git a/credentials/processcreds/testdata/accountid.json b/credentials/processcreds/testdata/accountid.json new file mode 100644 index 00000000000..46cbfc8ea38 --- /dev/null +++ b/credentials/processcreds/testdata/accountid.json @@ -0,0 +1,6 @@ +{ + "Version":1, + "AccessKeyId":"accesskey", + "SecretAccessKey":"secretkey", + "AccountId": "012345678901" +} diff --git a/credentials/ssocreds/sso_credentials_provider.go b/credentials/ssocreds/sso_credentials_provider.go index b3cf7853e76..8c230be8eb8 100644 --- a/credentials/ssocreds/sso_credentials_provider.go +++ b/credentials/ssocreds/sso_credentials_provider.go @@ -129,6 +129,7 @@ func (p *Provider) Retrieve(ctx context.Context) (aws.Credentials, error) { CanExpire: true, Expires: time.Unix(0, output.RoleCredentials.Expiration*int64(time.Millisecond)).UTC(), Source: ProviderName, + AccountID: p.options.AccountID, }, nil } diff --git a/credentials/ssocreds/sso_credentials_provider_test.go b/credentials/ssocreds/sso_credentials_provider_test.go index c9006ea63c4..3cb4b9d08f9 100644 --- a/credentials/ssocreds/sso_credentials_provider_test.go +++ b/credentials/ssocreds/sso_credentials_provider_test.go @@ -110,6 +110,7 @@ func TestProvider(t *testing.T) { CanExpire: true, Expires: time.Date(2021, 01, 20, 21, 22, 23, 0.123e9, time.UTC), Source: ProviderName, + AccountID: "012345678901", }, }, "custom cached token file": { @@ -144,6 +145,7 @@ func TestProvider(t *testing.T) { CanExpire: true, Expires: time.Date(2021, 01, 20, 21, 22, 23, 0.123e9, time.UTC), Source: ProviderName, + AccountID: "012345678901", }, }, "expired access token": { diff --git a/credentials/stscreds/assume_role_provider.go b/credentials/stscreds/assume_role_provider.go index 289707b6de4..703eb1cf818 100644 --- a/credentials/stscreds/assume_role_provider.go +++ b/credentials/stscreds/assume_role_provider.go @@ -308,6 +308,12 @@ func (p *AssumeRoleProvider) Retrieve(ctx context.Context) (aws.Credentials, err return aws.Credentials{Source: ProviderName}, err } + // extract accountID from arn with format "arn:partition:service:region:account-id:[resource-section]" + var accountID string + if resp.AssumedRoleUser != nil { + accountID = getAccountID(resp.AssumedRoleUser) + } + return aws.Credentials{ AccessKeyID: *resp.Credentials.AccessKeyId, SecretAccessKey: *resp.Credentials.SecretAccessKey, @@ -316,5 +322,6 @@ func (p *AssumeRoleProvider) Retrieve(ctx context.Context) (aws.Credentials, err CanExpire: true, Expires: *resp.Credentials.Expiration, + AccountID: accountID, }, nil } diff --git a/credentials/stscreds/assume_role_provider_test.go b/credentials/stscreds/assume_role_provider_test.go index 142a4cfb8fd..83c465ea1ac 100644 --- a/credentials/stscreds/assume_role_provider_test.go +++ b/credentials/stscreds/assume_role_provider_test.go @@ -23,6 +23,9 @@ func (s *mockAssumeRole) AssumeRole(ctx context.Context, params *sts.AssumeRoleI expiry := time.Now().Add(60 * time.Minute) return &sts.AssumeRoleOutput{ + AssumedRoleUser: &types.AssumedRoleUser{ + Arn: aws.String("arn:aws:sts::131990247566:assumed-role/assume-role-integration-test-role/Name"), + }, Credentials: &types.Credentials{ // Just reflect the role arn to the provider. AccessKeyId: params.RoleArn, @@ -54,6 +57,9 @@ func TestAssumeRoleProvider(t *testing.T) { if e, a := "assumedSessionToken", creds.SessionToken; e != a { t.Errorf("Expect session token to match") } + if e, a := "131990247566", creds.AccountID; e != a { + t.Errorf("Expect account id to match") + } } func TestAssumeRoleProvider_WithTokenProvider(t *testing.T) { diff --git a/credentials/stscreds/web_identity_provider.go b/credentials/stscreds/web_identity_provider.go index ddaf6df6ce1..d0eb3158468 100644 --- a/credentials/stscreds/web_identity_provider.go +++ b/credentials/stscreds/web_identity_provider.go @@ -5,6 +5,7 @@ import ( "fmt" "io/ioutil" "strconv" + "strings" "time" "github.com/aws/aws-sdk-go-v2/aws" @@ -135,6 +136,12 @@ func (p *WebIdentityRoleProvider) Retrieve(ctx context.Context) (aws.Credentials return aws.Credentials{}, fmt.Errorf("failed to retrieve credentials, %w", err) } + // extract accountID from arn with format "arn:partition:service:region:account-id:[resource-section]" + var accountID string + if resp.AssumedRoleUser != nil { + accountID = getAccountID(resp.AssumedRoleUser) + } + // InvalidIdentityToken error is a temporary error that can occur // when assuming an Role with a JWT web identity token. @@ -145,6 +152,14 @@ func (p *WebIdentityRoleProvider) Retrieve(ctx context.Context) (aws.Credentials Source: WebIdentityProviderName, CanExpire: true, Expires: *resp.Credentials.Expiration, + AccountID: accountID, } return value, nil } + +func getAccountID(assumedRoleUser *types.AssumedRoleUser) string { + if arn := assumedRoleUser.Arn; arn != nil && len(*arn) > 0 { + return strings.Split(*arn, ":")[4] + } + return "" +} diff --git a/credentials/stscreds/web_identity_provider_test.go b/credentials/stscreds/web_identity_provider_test.go index 5d83b95b4b2..1f3a8700a1f 100644 --- a/credentials/stscreds/web_identity_provider_test.go +++ b/credentials/stscreds/web_identity_provider_test.go @@ -161,6 +161,50 @@ func TestWebIdentityProviderRetrieve(t *testing.T) { Expires: sdk.NowTime(), }, }, + "success with accountID": { + roleARN: "arn01234567890123456789", + tokenFilepath: "testdata/token.jwt", + options: func(o *stscreds.WebIdentityRoleOptions) { + o.RoleSessionName = "foo" + }, + mockClient: func( + ctx context.Context, params *sts.AssumeRoleWithWebIdentityInput, optFns ...func(*sts.Options), + ) ( + *sts.AssumeRoleWithWebIdentityOutput, error, + ) { + if e, a := "foo", *params.RoleSessionName; e != a { + return nil, fmt.Errorf("expected %v, but received %v", e, a) + } + if params.DurationSeconds != nil { + return nil, fmt.Errorf("expect no duration seconds, got %v", + *params.DurationSeconds) + } + if params.Policy != nil { + return nil, fmt.Errorf("expect no policy, got %v", + *params.Policy) + } + return &sts.AssumeRoleWithWebIdentityOutput{ + AssumedRoleUser: &types.AssumedRoleUser{ + Arn: aws.String("arn:aws:sts::131990247566:assumed-role/assume-role-integration-test-role/Name"), + }, + Credentials: &types.Credentials{ + Expiration: aws.Time(sdk.NowTime()), + AccessKeyId: aws.String("access-key-id"), + SecretAccessKey: aws.String("secret-access-key"), + SessionToken: aws.String("session-token"), + }, + }, nil + }, + expectedCredValue: aws.Credentials{ + AccessKeyID: "access-key-id", + SecretAccessKey: "secret-access-key", + SessionToken: "session-token", + Source: stscreds.WebIdentityProviderName, + CanExpire: true, + Expires: sdk.NowTime(), + AccountID: "131990247566", + }, + }, } for name, c := range cases { From a45a31108f3e7f7d83457a30a6f739eba6c830f2 Mon Sep 17 00:00:00 2001 From: Tianyi Wang Date: Wed, 10 Jan 2024 16:02:28 -0500 Subject: [PATCH 02/20] Add changelog --- .changelog/9166aec5123a472ab3d80afbcae6de9b.json | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 .changelog/9166aec5123a472ab3d80afbcae6de9b.json diff --git a/.changelog/9166aec5123a472ab3d80afbcae6de9b.json b/.changelog/9166aec5123a472ab3d80afbcae6de9b.json new file mode 100644 index 00000000000..269ce7c1e66 --- /dev/null +++ b/.changelog/9166aec5123a472ab3d80afbcae6de9b.json @@ -0,0 +1,11 @@ +{ + "id": "9166aec5-123a-472a-b3d8-0afbcae6de9b", + "type": "feature", + "collapse": true, + "description": "Allow identity resolvers to resolve aws account id", + "modules": [ + ".", + "config", + "credentials" + ] +} \ No newline at end of file From f2a0627636b0e4624fd505087f12efab98d58ede Mon Sep 17 00:00:00 2001 From: Tianyi Wang Date: Thu, 11 Jan 2024 14:13:10 -0500 Subject: [PATCH 03/20] optimize some accountID resolving code --- .changelog/9166aec5123a472ab3d80afbcae6de9b.json | 11 ----------- aws/credentials.go | 2 +- config/env_config.go | 4 ++-- config/shared_config.go | 4 ++-- credentials/processcreds/provider.go | 2 +- credentials/stscreds/assume_role_provider.go | 1 - credentials/stscreds/assume_role_provider_test.go | 2 +- credentials/stscreds/web_identity_provider.go | 14 +++++++++----- 8 files changed, 16 insertions(+), 24 deletions(-) delete mode 100644 .changelog/9166aec5123a472ab3d80afbcae6de9b.json diff --git a/.changelog/9166aec5123a472ab3d80afbcae6de9b.json b/.changelog/9166aec5123a472ab3d80afbcae6de9b.json deleted file mode 100644 index 269ce7c1e66..00000000000 --- a/.changelog/9166aec5123a472ab3d80afbcae6de9b.json +++ /dev/null @@ -1,11 +0,0 @@ -{ - "id": "9166aec5-123a-472a-b3d8-0afbcae6de9b", - "type": "feature", - "collapse": true, - "description": "Allow identity resolvers to resolve aws account id", - "modules": [ - ".", - "config", - "credentials" - ] -} \ No newline at end of file diff --git a/aws/credentials.go b/aws/credentials.go index a8d58ff460e..98ba7705642 100644 --- a/aws/credentials.go +++ b/aws/credentials.go @@ -91,7 +91,7 @@ type Credentials struct { // is false. Expires time.Time - // AWS Account ID resolved from identity and used for optional endpoint2.0 routing + // The ID of the account for the credentials. AccountID string } diff --git a/config/env_config.go b/config/env_config.go index d160cb34576..197147ce699 100644 --- a/config/env_config.go +++ b/config/env_config.go @@ -81,7 +81,7 @@ const ( awsS3DisableExpressSessionAuthEnv = "AWS_S3_DISABLE_EXPRESS_SESSION_AUTH" - awsAccountID = "AWS_ACCOUNT_ID" + awsAccountIDEnv = "AWS_ACCOUNT_ID" ) var ( @@ -311,7 +311,7 @@ func NewEnvConfig() (EnvConfig, error) { setStringFromEnvVal(&creds.AccessKeyID, credAccessEnvKeys) setStringFromEnvVal(&creds.SecretAccessKey, credSecretEnvKeys) if creds.HasKeys() { - creds.AccountID = os.Getenv(awsAccountID) + creds.AccountID = os.Getenv(awsAccountIDEnv) creds.SessionToken = os.Getenv(awsSessionTokenEnvVar) cfg.Credentials = creds } diff --git a/config/shared_config.go b/config/shared_config.go index 0d4f570b721..3d8d1775e07 100644 --- a/config/shared_config.go +++ b/config/shared_config.go @@ -116,7 +116,7 @@ const ( s3DisableExpressSessionAuthKey = "s3_disable_express_session_auth" - accountID = "aws_account_id" + accountIDKey = "aws_account_id" ) // defaultSharedConfigProfile allows for swapping the default profile for testing @@ -1132,7 +1132,7 @@ func (c *SharedConfig) setFromIniSection(profile string, section ini.Section) er SecretAccessKey: section.String(secretAccessKey), SessionToken: section.String(sessionTokenKey), Source: fmt.Sprintf("SharedConfigCredentials: %s", section.SourceFile[accessKeyIDKey]), - AccountID: section.String(accountID), + AccountID: section.String(accountIDKey), } if creds.HasKeys() { diff --git a/credentials/processcreds/provider.go b/credentials/processcreds/provider.go index 6d758720d39..911fcc32729 100644 --- a/credentials/processcreds/provider.go +++ b/credentials/processcreds/provider.go @@ -168,7 +168,7 @@ type CredentialProcessResponse struct { // The date on which the current credentials expire. Expiration *time.Time - // The aws account ID for this op and could be used for endpoint2.0 routing + // The ID of the account for credentials AccountID string `json:"AccountId"` } diff --git a/credentials/stscreds/assume_role_provider.go b/credentials/stscreds/assume_role_provider.go index 703eb1cf818..4c7f7993f54 100644 --- a/credentials/stscreds/assume_role_provider.go +++ b/credentials/stscreds/assume_role_provider.go @@ -308,7 +308,6 @@ func (p *AssumeRoleProvider) Retrieve(ctx context.Context) (aws.Credentials, err return aws.Credentials{Source: ProviderName}, err } - // extract accountID from arn with format "arn:partition:service:region:account-id:[resource-section]" var accountID string if resp.AssumedRoleUser != nil { accountID = getAccountID(resp.AssumedRoleUser) diff --git a/credentials/stscreds/assume_role_provider_test.go b/credentials/stscreds/assume_role_provider_test.go index 83c465ea1ac..99cb6fde939 100644 --- a/credentials/stscreds/assume_role_provider_test.go +++ b/credentials/stscreds/assume_role_provider_test.go @@ -58,7 +58,7 @@ func TestAssumeRoleProvider(t *testing.T) { t.Errorf("Expect session token to match") } if e, a := "131990247566", creds.AccountID; e != a { - t.Errorf("Expect account id to match") + t.Error("Expect account id to match") } } diff --git a/credentials/stscreds/web_identity_provider.go b/credentials/stscreds/web_identity_provider.go index d0eb3158468..b4b71970862 100644 --- a/credentials/stscreds/web_identity_provider.go +++ b/credentials/stscreds/web_identity_provider.go @@ -136,7 +136,6 @@ func (p *WebIdentityRoleProvider) Retrieve(ctx context.Context) (aws.Credentials return aws.Credentials{}, fmt.Errorf("failed to retrieve credentials, %w", err) } - // extract accountID from arn with format "arn:partition:service:region:account-id:[resource-section]" var accountID string if resp.AssumedRoleUser != nil { accountID = getAccountID(resp.AssumedRoleUser) @@ -157,9 +156,14 @@ func (p *WebIdentityRoleProvider) Retrieve(ctx context.Context) (aws.Credentials return value, nil } -func getAccountID(assumedRoleUser *types.AssumedRoleUser) string { - if arn := assumedRoleUser.Arn; arn != nil && len(*arn) > 0 { - return strings.Split(*arn, ":")[4] +// extract accountID from arn with format "arn:partition:service:region:account-id:[resource-section]" +func getAccountID(u *types.AssumedRoleUser) string { + if u.Arn == nil { + return "" } - return "" + parts := strings.Split(*u.Arn, ":") + if len(parts) < 5 { + return "" + } + return parts[4] } From 923009e249dfbc5b4217a20bc48ed5b5b7de778d Mon Sep 17 00:00:00 2001 From: Tianyi Wang Date: Wed, 31 Jan 2024 12:03:14 -0500 Subject: [PATCH 04/20] Add accountID builtin codegen, aid mode config and check --- aws/accountid/account_id.go | 36 +++ aws/accountid/mode/mode.go | 27 ++ aws/config.go | 5 + codegen/sdk-codegen/aws-models/dynamodb.json | 168 ++++++++++- .../aws/go/codegen/AddAwsConfigFields.java | 12 + .../aws/go/codegen/AwsGoDependency.java | 3 + .../codegen/LegacyEndpointContextSetter.java | 9 +- .../smithy/aws/go/codegen/SdkGoTypes.java | 5 + .../customization/AwsAuthResolution.java | 9 +- .../customization/AwsEndpointBuiltins.java | 3 + config/config.go | 3 + config/env_config.go | 29 +- config/env_config_test.go | 17 ++ config/load_options.go | 18 ++ config/provider.go | 18 ++ config/resolve.go | 17 ++ config/resolve_test.go | 41 +++ config/shared_config.go | 27 +- config/shared_config_test.go | 17 ++ config/testdata/shared_config | 6 + .../protocoltest/awsrestjson/api_client.go | 1 + internal/protocoltest/awsrestjson/auth.go | 4 +- internal/protocoltest/awsrestjson/options.go | 4 + internal/protocoltest/ec2query/api_client.go | 1 + internal/protocoltest/ec2query/auth.go | 4 +- internal/protocoltest/ec2query/options.go | 4 + internal/protocoltest/jsonrpc/api_client.go | 1 + internal/protocoltest/jsonrpc/auth.go | 8 +- internal/protocoltest/jsonrpc/options.go | 4 + internal/protocoltest/jsonrpc10/api_client.go | 1 + internal/protocoltest/jsonrpc10/auth.go | 4 +- internal/protocoltest/jsonrpc10/options.go | 4 + internal/protocoltest/query/api_client.go | 1 + internal/protocoltest/query/auth.go | 4 +- internal/protocoltest/query/options.go | 4 + internal/protocoltest/restxml/api_client.go | 1 + internal/protocoltest/restxml/auth.go | 4 +- internal/protocoltest/restxml/options.go | 4 + .../restxmlwithnamespace/api_client.go | 17 +- .../protocoltest/restxmlwithnamespace/auth.go | 4 +- .../restxmlwithnamespace/options.go | 4 + service/accessanalyzer/api_client.go | 19 +- service/accessanalyzer/auth.go | 8 +- service/accessanalyzer/endpoints.go | 8 +- service/accessanalyzer/options.go | 4 + service/account/api_client.go | 19 +- service/account/auth.go | 8 +- service/account/endpoints.go | 8 +- service/account/options.go | 4 + service/acm/api_client.go | 19 +- service/acm/auth.go | 8 +- service/acm/endpoints.go | 8 +- service/acm/options.go | 4 + service/acmpca/api_client.go | 19 +- service/acmpca/auth.go | 8 +- service/acmpca/endpoints.go | 8 +- service/acmpca/options.go | 4 + service/alexaforbusiness/api_client.go | 19 +- service/alexaforbusiness/auth.go | 8 +- service/alexaforbusiness/endpoints.go | 8 +- service/alexaforbusiness/options.go | 4 + service/amp/api_client.go | 19 +- service/amp/auth.go | 8 +- service/amp/endpoints.go | 8 +- service/amp/options.go | 4 + service/amplify/api_client.go | 19 +- service/amplify/auth.go | 8 +- service/amplify/endpoints.go | 8 +- service/amplify/options.go | 4 + service/amplifybackend/api_client.go | 19 +- service/amplifybackend/auth.go | 8 +- service/amplifybackend/endpoints.go | 8 +- service/amplifybackend/options.go | 4 + service/amplifyuibuilder/api_client.go | 19 +- service/amplifyuibuilder/auth.go | 8 +- service/amplifyuibuilder/endpoints.go | 8 +- service/amplifyuibuilder/options.go | 4 + service/apigateway/api_client.go | 19 +- service/apigateway/auth.go | 8 +- service/apigateway/endpoints.go | 8 +- service/apigateway/options.go | 4 + service/apigatewaymanagementapi/api_client.go | 19 +- service/apigatewaymanagementapi/auth.go | 8 +- service/apigatewaymanagementapi/endpoints.go | 8 +- service/apigatewaymanagementapi/options.go | 4 + service/apigatewayv2/api_client.go | 19 +- service/apigatewayv2/auth.go | 8 +- service/apigatewayv2/endpoints.go | 8 +- service/apigatewayv2/options.go | 4 + service/appconfig/api_client.go | 19 +- service/appconfig/auth.go | 8 +- service/appconfig/endpoints.go | 8 +- service/appconfig/options.go | 4 + service/appconfigdata/api_client.go | 19 +- service/appconfigdata/auth.go | 8 +- service/appconfigdata/endpoints.go | 8 +- service/appconfigdata/options.go | 4 + service/appfabric/api_client.go | 19 +- service/appfabric/auth.go | 8 +- service/appfabric/endpoints.go | 8 +- service/appfabric/options.go | 4 + service/appflow/api_client.go | 19 +- service/appflow/auth.go | 8 +- service/appflow/endpoints.go | 8 +- service/appflow/options.go | 4 + service/appintegrations/api_client.go | 19 +- service/appintegrations/auth.go | 8 +- service/appintegrations/endpoints.go | 8 +- service/appintegrations/options.go | 4 + service/applicationautoscaling/api_client.go | 19 +- service/applicationautoscaling/auth.go | 8 +- service/applicationautoscaling/endpoints.go | 8 +- service/applicationautoscaling/options.go | 4 + service/applicationcostprofiler/api_client.go | 19 +- service/applicationcostprofiler/auth.go | 8 +- service/applicationcostprofiler/endpoints.go | 8 +- service/applicationcostprofiler/options.go | 4 + .../applicationdiscoveryservice/api_client.go | 19 +- service/applicationdiscoveryservice/auth.go | 8 +- .../applicationdiscoveryservice/endpoints.go | 8 +- .../applicationdiscoveryservice/options.go | 4 + service/applicationinsights/api_client.go | 19 +- service/applicationinsights/auth.go | 8 +- service/applicationinsights/endpoints.go | 8 +- service/applicationinsights/options.go | 4 + service/appmesh/api_client.go | 19 +- service/appmesh/auth.go | 8 +- service/appmesh/endpoints.go | 8 +- service/appmesh/options.go | 4 + service/apprunner/api_client.go | 19 +- service/apprunner/auth.go | 8 +- service/apprunner/endpoints.go | 8 +- service/apprunner/options.go | 4 + service/appstream/api_client.go | 19 +- service/appstream/auth.go | 8 +- service/appstream/endpoints.go | 8 +- service/appstream/options.go | 4 + service/appsync/api_client.go | 19 +- service/appsync/auth.go | 8 +- service/appsync/endpoints.go | 8 +- service/appsync/options.go | 4 + service/arczonalshift/api_client.go | 19 +- service/arczonalshift/auth.go | 8 +- service/arczonalshift/endpoints.go | 8 +- service/arczonalshift/options.go | 4 + service/athena/api_client.go | 19 +- service/athena/auth.go | 8 +- service/athena/endpoints.go | 8 +- service/athena/options.go | 4 + service/auditmanager/api_client.go | 19 +- service/auditmanager/auth.go | 8 +- service/auditmanager/endpoints.go | 8 +- service/auditmanager/options.go | 4 + service/autoscaling/api_client.go | 19 +- service/autoscaling/auth.go | 8 +- service/autoscaling/endpoints.go | 8 +- service/autoscaling/options.go | 4 + service/autoscalingplans/api_client.go | 19 +- service/autoscalingplans/auth.go | 8 +- service/autoscalingplans/endpoints.go | 8 +- service/autoscalingplans/options.go | 4 + service/b2bi/api_client.go | 19 +- service/b2bi/auth.go | 8 +- service/b2bi/endpoints.go | 8 +- service/b2bi/options.go | 4 + service/backup/api_client.go | 19 +- service/backup/auth.go | 8 +- service/backup/endpoints.go | 8 +- service/backup/options.go | 4 + service/backupgateway/api_client.go | 19 +- service/backupgateway/auth.go | 8 +- service/backupgateway/endpoints.go | 8 +- service/backupgateway/options.go | 4 + service/backupstorage/api_client.go | 19 +- service/backupstorage/auth.go | 8 +- service/backupstorage/endpoints.go | 8 +- service/backupstorage/options.go | 4 + service/batch/api_client.go | 19 +- service/batch/auth.go | 8 +- service/batch/endpoints.go | 8 +- service/batch/options.go | 4 + service/bcmdataexports/api_client.go | 19 +- service/bcmdataexports/auth.go | 8 +- service/bcmdataexports/endpoints.go | 8 +- service/bcmdataexports/options.go | 4 + service/bedrock/api_client.go | 19 +- service/bedrock/auth.go | 8 +- service/bedrock/endpoints.go | 8 +- service/bedrock/options.go | 4 + service/bedrockagent/api_client.go | 19 +- service/bedrockagent/auth.go | 8 +- service/bedrockagent/endpoints.go | 8 +- service/bedrockagent/options.go | 4 + service/bedrockagentruntime/api_client.go | 19 +- service/bedrockagentruntime/auth.go | 8 +- service/bedrockagentruntime/endpoints.go | 8 +- service/bedrockagentruntime/options.go | 4 + service/bedrockruntime/api_client.go | 19 +- service/bedrockruntime/auth.go | 8 +- service/bedrockruntime/endpoints.go | 8 +- service/bedrockruntime/options.go | 4 + service/billingconductor/api_client.go | 19 +- service/billingconductor/auth.go | 8 +- service/billingconductor/endpoints.go | 8 +- service/billingconductor/options.go | 4 + service/braket/api_client.go | 19 +- service/braket/auth.go | 8 +- service/braket/endpoints.go | 8 +- service/braket/options.go | 4 + service/budgets/api_client.go | 19 +- service/budgets/auth.go | 8 +- service/budgets/endpoints.go | 8 +- service/budgets/options.go | 4 + service/chime/api_client.go | 19 +- service/chime/auth.go | 8 +- service/chime/endpoints.go | 8 +- service/chime/options.go | 4 + service/chimesdkidentity/api_client.go | 19 +- service/chimesdkidentity/auth.go | 8 +- service/chimesdkidentity/endpoints.go | 8 +- service/chimesdkidentity/options.go | 4 + service/chimesdkmediapipelines/api_client.go | 19 +- service/chimesdkmediapipelines/auth.go | 8 +- service/chimesdkmediapipelines/endpoints.go | 8 +- service/chimesdkmediapipelines/options.go | 4 + service/chimesdkmeetings/api_client.go | 19 +- service/chimesdkmeetings/auth.go | 8 +- service/chimesdkmeetings/endpoints.go | 8 +- service/chimesdkmeetings/options.go | 4 + service/chimesdkmessaging/api_client.go | 19 +- service/chimesdkmessaging/auth.go | 8 +- service/chimesdkmessaging/endpoints.go | 8 +- service/chimesdkmessaging/options.go | 4 + service/chimesdkvoice/api_client.go | 19 +- service/chimesdkvoice/auth.go | 8 +- service/chimesdkvoice/endpoints.go | 8 +- service/chimesdkvoice/options.go | 4 + service/cleanrooms/api_client.go | 19 +- service/cleanrooms/auth.go | 8 +- service/cleanrooms/endpoints.go | 8 +- service/cleanrooms/options.go | 4 + service/cleanroomsml/api_client.go | 19 +- service/cleanroomsml/auth.go | 8 +- service/cleanroomsml/endpoints.go | 8 +- service/cleanroomsml/options.go | 4 + service/cloud9/api_client.go | 19 +- service/cloud9/auth.go | 8 +- service/cloud9/endpoints.go | 8 +- service/cloud9/options.go | 4 + service/cloudcontrol/api_client.go | 19 +- service/cloudcontrol/auth.go | 8 +- service/cloudcontrol/endpoints.go | 8 +- service/cloudcontrol/options.go | 4 + service/clouddirectory/api_client.go | 19 +- service/clouddirectory/auth.go | 8 +- service/clouddirectory/endpoints.go | 8 +- service/clouddirectory/options.go | 4 + service/cloudformation/api_client.go | 19 +- service/cloudformation/auth.go | 8 +- service/cloudformation/endpoints.go | 8 +- service/cloudformation/options.go | 4 + service/cloudfront/api_client.go | 19 +- service/cloudfront/auth.go | 8 +- service/cloudfront/endpoints.go | 8 +- service/cloudfront/options.go | 4 + service/cloudfrontkeyvaluestore/api_client.go | 19 +- service/cloudfrontkeyvaluestore/auth.go | 8 +- service/cloudfrontkeyvaluestore/endpoints.go | 8 +- service/cloudfrontkeyvaluestore/options.go | 4 + service/cloudhsm/api_client.go | 19 +- service/cloudhsm/auth.go | 8 +- service/cloudhsm/endpoints.go | 8 +- service/cloudhsm/options.go | 4 + service/cloudhsmv2/api_client.go | 19 +- service/cloudhsmv2/auth.go | 8 +- service/cloudhsmv2/endpoints.go | 8 +- service/cloudhsmv2/options.go | 4 + service/cloudsearch/api_client.go | 19 +- service/cloudsearch/auth.go | 8 +- service/cloudsearch/endpoints.go | 8 +- service/cloudsearch/options.go | 4 + service/cloudsearchdomain/api_client.go | 19 +- service/cloudsearchdomain/auth.go | 8 +- service/cloudsearchdomain/endpoints.go | 8 +- service/cloudsearchdomain/options.go | 4 + service/cloudtrail/api_client.go | 19 +- service/cloudtrail/auth.go | 8 +- service/cloudtrail/endpoints.go | 8 +- service/cloudtrail/options.go | 4 + service/cloudtraildata/api_client.go | 19 +- service/cloudtraildata/auth.go | 8 +- service/cloudtraildata/endpoints.go | 8 +- service/cloudtraildata/options.go | 4 + service/cloudwatch/api_client.go | 19 +- service/cloudwatch/auth.go | 8 +- service/cloudwatch/endpoints.go | 8 +- service/cloudwatch/options.go | 4 + service/cloudwatchevents/api_client.go | 19 +- service/cloudwatchevents/auth.go | 8 +- service/cloudwatchevents/endpoints.go | 8 +- service/cloudwatchevents/options.go | 4 + service/cloudwatchlogs/api_client.go | 19 +- service/cloudwatchlogs/auth.go | 8 +- service/cloudwatchlogs/endpoints.go | 8 +- service/cloudwatchlogs/options.go | 4 + service/codeartifact/api_client.go | 19 +- service/codeartifact/auth.go | 8 +- service/codeartifact/endpoints.go | 8 +- service/codeartifact/options.go | 4 + service/codebuild/api_client.go | 19 +- service/codebuild/auth.go | 8 +- service/codebuild/endpoints.go | 8 +- service/codebuild/options.go | 4 + service/codecatalyst/api_client.go | 1 + service/codecatalyst/auth.go | 4 +- service/codecatalyst/endpoints.go | 8 +- service/codecatalyst/options.go | 4 + service/codecommit/api_client.go | 19 +- service/codecommit/auth.go | 8 +- service/codecommit/endpoints.go | 8 +- service/codecommit/options.go | 4 + service/codedeploy/api_client.go | 19 +- service/codedeploy/auth.go | 8 +- service/codedeploy/endpoints.go | 8 +- service/codedeploy/options.go | 4 + service/codeguruprofiler/api_client.go | 19 +- service/codeguruprofiler/auth.go | 8 +- service/codeguruprofiler/endpoints.go | 8 +- service/codeguruprofiler/options.go | 4 + service/codegurureviewer/api_client.go | 19 +- service/codegurureviewer/auth.go | 8 +- service/codegurureviewer/endpoints.go | 8 +- service/codegurureviewer/options.go | 4 + service/codegurusecurity/api_client.go | 19 +- service/codegurusecurity/auth.go | 8 +- service/codegurusecurity/endpoints.go | 8 +- service/codegurusecurity/options.go | 4 + service/codepipeline/api_client.go | 19 +- service/codepipeline/auth.go | 8 +- service/codepipeline/endpoints.go | 8 +- service/codepipeline/options.go | 4 + service/codestar/api_client.go | 19 +- service/codestar/auth.go | 8 +- service/codestar/endpoints.go | 8 +- service/codestar/options.go | 4 + service/codestarconnections/api_client.go | 19 +- service/codestarconnections/auth.go | 8 +- service/codestarconnections/endpoints.go | 8 +- service/codestarconnections/options.go | 4 + service/codestarnotifications/api_client.go | 19 +- service/codestarnotifications/auth.go | 8 +- service/codestarnotifications/endpoints.go | 8 +- service/codestarnotifications/options.go | 4 + service/cognitoidentity/api_client.go | 19 +- service/cognitoidentity/auth.go | 8 +- service/cognitoidentity/endpoints.go | 8 +- service/cognitoidentity/options.go | 4 + service/cognitoidentityprovider/api_client.go | 19 +- service/cognitoidentityprovider/auth.go | 8 +- service/cognitoidentityprovider/endpoints.go | 8 +- service/cognitoidentityprovider/options.go | 4 + service/cognitosync/api_client.go | 19 +- service/cognitosync/auth.go | 8 +- service/cognitosync/endpoints.go | 8 +- service/cognitosync/options.go | 4 + service/comprehend/api_client.go | 19 +- service/comprehend/auth.go | 8 +- service/comprehend/endpoints.go | 8 +- service/comprehend/options.go | 4 + service/comprehendmedical/api_client.go | 19 +- service/comprehendmedical/auth.go | 8 +- service/comprehendmedical/endpoints.go | 8 +- service/comprehendmedical/options.go | 4 + service/computeoptimizer/api_client.go | 19 +- service/computeoptimizer/auth.go | 8 +- service/computeoptimizer/endpoints.go | 8 +- service/computeoptimizer/options.go | 4 + service/configservice/api_client.go | 19 +- service/configservice/auth.go | 8 +- service/configservice/endpoints.go | 8 +- service/configservice/options.go | 4 + service/connect/api_client.go | 19 +- service/connect/auth.go | 8 +- service/connect/endpoints.go | 8 +- service/connect/options.go | 4 + service/connectcampaigns/api_client.go | 19 +- service/connectcampaigns/auth.go | 8 +- service/connectcampaigns/endpoints.go | 8 +- service/connectcampaigns/options.go | 4 + service/connectcases/api_client.go | 19 +- service/connectcases/auth.go | 8 +- service/connectcases/endpoints.go | 8 +- service/connectcases/options.go | 4 + service/connectcontactlens/api_client.go | 19 +- service/connectcontactlens/auth.go | 8 +- service/connectcontactlens/endpoints.go | 8 +- service/connectcontactlens/options.go | 4 + service/connectparticipant/api_client.go | 19 +- service/connectparticipant/auth.go | 8 +- service/connectparticipant/endpoints.go | 8 +- service/connectparticipant/options.go | 4 + service/controltower/api_client.go | 19 +- service/controltower/auth.go | 8 +- service/controltower/endpoints.go | 8 +- service/controltower/options.go | 4 + .../costandusagereportservice/api_client.go | 19 +- service/costandusagereportservice/auth.go | 8 +- .../costandusagereportservice/endpoints.go | 8 +- service/costandusagereportservice/options.go | 4 + service/costexplorer/api_client.go | 19 +- service/costexplorer/auth.go | 8 +- service/costexplorer/endpoints.go | 8 +- service/costexplorer/options.go | 4 + service/costoptimizationhub/api_client.go | 19 +- service/costoptimizationhub/auth.go | 8 +- service/costoptimizationhub/endpoints.go | 8 +- service/costoptimizationhub/options.go | 4 + service/customerprofiles/api_client.go | 19 +- service/customerprofiles/auth.go | 8 +- service/customerprofiles/endpoints.go | 8 +- service/customerprofiles/options.go | 4 + .../databasemigrationservice/api_client.go | 19 +- service/databasemigrationservice/auth.go | 8 +- service/databasemigrationservice/endpoints.go | 8 +- service/databasemigrationservice/options.go | 4 + service/databrew/api_client.go | 19 +- service/databrew/auth.go | 8 +- service/databrew/endpoints.go | 8 +- service/databrew/options.go | 4 + service/dataexchange/api_client.go | 19 +- service/dataexchange/auth.go | 8 +- service/dataexchange/endpoints.go | 8 +- service/dataexchange/options.go | 4 + service/datapipeline/api_client.go | 19 +- service/datapipeline/auth.go | 8 +- service/datapipeline/endpoints.go | 8 +- service/datapipeline/options.go | 4 + service/datasync/api_client.go | 19 +- service/datasync/auth.go | 8 +- service/datasync/endpoints.go | 8 +- service/datasync/options.go | 4 + service/datazone/api_client.go | 19 +- service/datazone/auth.go | 8 +- service/datazone/endpoints.go | 8 +- service/datazone/options.go | 4 + service/dax/api_client.go | 19 +- service/dax/auth.go | 8 +- service/dax/endpoints.go | 8 +- service/dax/options.go | 4 + service/detective/api_client.go | 19 +- service/detective/auth.go | 8 +- service/detective/endpoints.go | 8 +- service/detective/options.go | 4 + service/devicefarm/api_client.go | 19 +- service/devicefarm/auth.go | 8 +- service/devicefarm/endpoints.go | 8 +- service/devicefarm/options.go | 4 + service/devopsguru/api_client.go | 19 +- service/devopsguru/auth.go | 8 +- service/devopsguru/endpoints.go | 8 +- service/devopsguru/options.go | 4 + service/directconnect/api_client.go | 19 +- service/directconnect/auth.go | 8 +- service/directconnect/endpoints.go | 8 +- service/directconnect/options.go | 4 + service/directoryservice/api_client.go | 19 +- service/directoryservice/auth.go | 8 +- service/directoryservice/endpoints.go | 8 +- service/directoryservice/options.go | 4 + service/dlm/api_client.go | 19 +- service/dlm/auth.go | 8 +- service/dlm/endpoints.go | 8 +- service/dlm/options.go | 4 + service/docdb/api_client.go | 19 +- service/docdb/auth.go | 8 +- service/docdb/endpoints.go | 8 +- service/docdb/options.go | 4 + service/docdbelastic/api_client.go | 19 +- service/docdbelastic/auth.go | 8 +- service/docdbelastic/endpoints.go | 8 +- service/docdbelastic/options.go | 4 + service/drs/api_client.go | 19 +- service/drs/auth.go | 8 +- service/drs/endpoints.go | 8 +- service/drs/options.go | 4 + service/dynamodb/api_client.go | 19 +- ...i_op_DisableKinesisStreamingDestination.go | 6 + ...pi_op_EnableKinesisStreamingDestination.go | 6 + ...pi_op_UpdateKinesisStreamingDestination.go | 207 +++++++++++++ service/dynamodb/auth.go | 8 +- service/dynamodb/deserializers.go | 285 ++++++++++++++++++ service/dynamodb/endpoints.go | 8 +- service/dynamodb/generated.json | 1 + service/dynamodb/options.go | 4 + service/dynamodb/serializers.go | 117 +++++++ service/dynamodb/types/enums.go | 21 ++ service/dynamodb/types/types.go | 27 +- service/dynamodb/validators.go | 42 +++ service/dynamodbstreams/api_client.go | 19 +- service/dynamodbstreams/auth.go | 8 +- service/dynamodbstreams/endpoints.go | 8 +- service/dynamodbstreams/options.go | 4 + service/ebs/api_client.go | 19 +- service/ebs/auth.go | 8 +- service/ebs/endpoints.go | 8 +- service/ebs/options.go | 4 + service/ec2/api_client.go | 19 +- service/ec2/auth.go | 8 +- service/ec2/endpoints.go | 8 +- service/ec2/options.go | 4 + service/ec2instanceconnect/api_client.go | 19 +- service/ec2instanceconnect/auth.go | 8 +- service/ec2instanceconnect/endpoints.go | 8 +- service/ec2instanceconnect/options.go | 4 + service/ecr/api_client.go | 19 +- service/ecr/auth.go | 8 +- service/ecr/endpoints.go | 8 +- service/ecr/options.go | 4 + service/ecrpublic/api_client.go | 19 +- service/ecrpublic/auth.go | 8 +- service/ecrpublic/endpoints.go | 8 +- service/ecrpublic/options.go | 4 + service/ecs/api_client.go | 19 +- service/ecs/auth.go | 8 +- service/ecs/endpoints.go | 8 +- service/ecs/options.go | 4 + service/efs/api_client.go | 19 +- service/efs/auth.go | 8 +- service/efs/endpoints.go | 8 +- service/efs/options.go | 4 + service/eks/api_client.go | 19 +- service/eks/auth.go | 8 +- service/eks/endpoints.go | 8 +- service/eks/options.go | 4 + service/eksauth/api_client.go | 19 +- service/eksauth/auth.go | 8 +- service/eksauth/endpoints.go | 8 +- service/eksauth/options.go | 4 + service/elasticache/api_client.go | 19 +- service/elasticache/auth.go | 8 +- service/elasticache/endpoints.go | 8 +- service/elasticache/options.go | 4 + service/elasticbeanstalk/api_client.go | 19 +- service/elasticbeanstalk/auth.go | 8 +- service/elasticbeanstalk/endpoints.go | 8 +- service/elasticbeanstalk/options.go | 4 + service/elasticinference/api_client.go | 19 +- service/elasticinference/auth.go | 8 +- service/elasticinference/endpoints.go | 8 +- service/elasticinference/options.go | 4 + service/elasticloadbalancing/api_client.go | 19 +- service/elasticloadbalancing/auth.go | 8 +- service/elasticloadbalancing/endpoints.go | 8 +- service/elasticloadbalancing/options.go | 4 + service/elasticloadbalancingv2/api_client.go | 19 +- service/elasticloadbalancingv2/auth.go | 8 +- service/elasticloadbalancingv2/endpoints.go | 8 +- service/elasticloadbalancingv2/options.go | 4 + service/elasticsearchservice/api_client.go | 19 +- service/elasticsearchservice/auth.go | 8 +- service/elasticsearchservice/endpoints.go | 8 +- service/elasticsearchservice/options.go | 4 + service/elastictranscoder/api_client.go | 19 +- service/elastictranscoder/auth.go | 8 +- service/elastictranscoder/endpoints.go | 8 +- service/elastictranscoder/options.go | 4 + service/emr/api_client.go | 19 +- service/emr/auth.go | 8 +- service/emr/endpoints.go | 8 +- service/emr/options.go | 4 + service/emrcontainers/api_client.go | 19 +- service/emrcontainers/auth.go | 8 +- service/emrcontainers/endpoints.go | 8 +- service/emrcontainers/options.go | 4 + service/emrserverless/api_client.go | 19 +- service/emrserverless/auth.go | 8 +- service/emrserverless/endpoints.go | 8 +- service/emrserverless/options.go | 4 + service/entityresolution/api_client.go | 19 +- service/entityresolution/auth.go | 8 +- service/entityresolution/endpoints.go | 8 +- service/entityresolution/options.go | 4 + service/eventbridge/api_client.go | 19 +- service/eventbridge/auth.go | 14 +- service/eventbridge/endpoints.go | 8 +- service/eventbridge/options.go | 4 + service/evidently/api_client.go | 19 +- service/evidently/auth.go | 8 +- service/evidently/endpoints.go | 8 +- service/evidently/options.go | 4 + service/finspace/api_client.go | 19 +- service/finspace/auth.go | 8 +- service/finspace/endpoints.go | 8 +- service/finspace/options.go | 4 + service/finspacedata/api_client.go | 19 +- service/finspacedata/auth.go | 8 +- service/finspacedata/endpoints.go | 8 +- service/finspacedata/options.go | 4 + service/firehose/api_client.go | 19 +- service/firehose/auth.go | 8 +- service/firehose/endpoints.go | 8 +- service/firehose/options.go | 4 + service/fis/api_client.go | 19 +- service/fis/auth.go | 8 +- service/fis/endpoints.go | 8 +- service/fis/options.go | 4 + service/fms/api_client.go | 19 +- service/fms/auth.go | 8 +- service/fms/endpoints.go | 8 +- service/fms/options.go | 4 + service/forecast/api_client.go | 19 +- service/forecast/auth.go | 8 +- service/forecast/endpoints.go | 8 +- service/forecast/options.go | 4 + service/forecastquery/api_client.go | 19 +- service/forecastquery/auth.go | 8 +- service/forecastquery/endpoints.go | 8 +- service/forecastquery/options.go | 4 + service/frauddetector/api_client.go | 19 +- service/frauddetector/auth.go | 8 +- service/frauddetector/endpoints.go | 8 +- service/frauddetector/options.go | 4 + service/freetier/api_client.go | 19 +- service/freetier/auth.go | 8 +- service/freetier/endpoints.go | 8 +- service/freetier/options.go | 4 + service/fsx/api_client.go | 19 +- service/fsx/auth.go | 8 +- service/fsx/endpoints.go | 8 +- service/fsx/options.go | 4 + service/gamelift/api_client.go | 19 +- service/gamelift/auth.go | 8 +- service/gamelift/endpoints.go | 8 +- service/gamelift/options.go | 4 + service/glacier/api_client.go | 19 +- service/glacier/auth.go | 8 +- service/glacier/endpoints.go | 8 +- service/glacier/options.go | 4 + service/globalaccelerator/api_client.go | 19 +- service/globalaccelerator/auth.go | 8 +- service/globalaccelerator/endpoints.go | 8 +- service/globalaccelerator/options.go | 4 + service/glue/api_client.go | 19 +- service/glue/auth.go | 8 +- service/glue/endpoints.go | 8 +- service/glue/options.go | 4 + service/grafana/api_client.go | 19 +- service/grafana/auth.go | 8 +- service/grafana/endpoints.go | 8 +- service/grafana/options.go | 4 + service/greengrass/api_client.go | 19 +- service/greengrass/auth.go | 8 +- service/greengrass/endpoints.go | 8 +- service/greengrass/options.go | 4 + service/greengrassv2/api_client.go | 19 +- service/greengrassv2/auth.go | 8 +- service/greengrassv2/endpoints.go | 8 +- service/greengrassv2/options.go | 4 + service/groundstation/api_client.go | 19 +- service/groundstation/auth.go | 8 +- service/groundstation/endpoints.go | 8 +- service/groundstation/options.go | 4 + service/guardduty/api_client.go | 19 +- service/guardduty/auth.go | 8 +- service/guardduty/endpoints.go | 8 +- service/guardduty/options.go | 4 + service/health/api_client.go | 19 +- service/health/auth.go | 8 +- service/health/endpoints.go | 8 +- service/health/options.go | 4 + service/healthlake/api_client.go | 19 +- service/healthlake/auth.go | 8 +- service/healthlake/endpoints.go | 8 +- service/healthlake/options.go | 4 + service/honeycode/api_client.go | 19 +- service/honeycode/auth.go | 8 +- service/honeycode/endpoints.go | 8 +- service/honeycode/options.go | 4 + service/iam/api_client.go | 19 +- service/iam/auth.go | 8 +- service/iam/endpoints.go | 8 +- service/iam/options.go | 4 + service/identitystore/api_client.go | 19 +- service/identitystore/auth.go | 8 +- service/identitystore/endpoints.go | 8 +- service/identitystore/options.go | 4 + service/imagebuilder/api_client.go | 19 +- service/imagebuilder/auth.go | 8 +- service/imagebuilder/endpoints.go | 8 +- service/imagebuilder/options.go | 4 + service/inspector/api_client.go | 19 +- service/inspector/auth.go | 8 +- service/inspector/endpoints.go | 8 +- service/inspector/options.go | 4 + service/inspector2/api_client.go | 19 +- service/inspector2/auth.go | 8 +- service/inspector2/endpoints.go | 8 +- service/inspector2/options.go | 4 + service/inspectorscan/api_client.go | 19 +- service/inspectorscan/auth.go | 8 +- service/inspectorscan/endpoints.go | 8 +- service/inspectorscan/options.go | 4 + service/internetmonitor/api_client.go | 19 +- service/internetmonitor/auth.go | 8 +- service/internetmonitor/endpoints.go | 8 +- service/internetmonitor/options.go | 4 + service/iot/api_client.go | 19 +- service/iot/auth.go | 8 +- service/iot/endpoints.go | 8 +- service/iot/options.go | 4 + service/iot1clickdevicesservice/api_client.go | 19 +- service/iot1clickdevicesservice/auth.go | 8 +- service/iot1clickdevicesservice/endpoints.go | 8 +- service/iot1clickdevicesservice/options.go | 4 + service/iot1clickprojects/api_client.go | 19 +- service/iot1clickprojects/auth.go | 8 +- service/iot1clickprojects/endpoints.go | 8 +- service/iot1clickprojects/options.go | 4 + service/iotanalytics/api_client.go | 19 +- service/iotanalytics/auth.go | 8 +- service/iotanalytics/endpoints.go | 8 +- service/iotanalytics/options.go | 4 + service/iotdataplane/api_client.go | 19 +- service/iotdataplane/auth.go | 8 +- service/iotdataplane/endpoints.go | 8 +- service/iotdataplane/options.go | 4 + service/iotdeviceadvisor/api_client.go | 19 +- service/iotdeviceadvisor/auth.go | 8 +- service/iotdeviceadvisor/endpoints.go | 8 +- service/iotdeviceadvisor/options.go | 4 + service/iotevents/api_client.go | 19 +- service/iotevents/auth.go | 8 +- service/iotevents/endpoints.go | 8 +- service/iotevents/options.go | 4 + service/ioteventsdata/api_client.go | 19 +- service/ioteventsdata/auth.go | 8 +- service/ioteventsdata/endpoints.go | 8 +- service/ioteventsdata/options.go | 4 + service/iotfleethub/api_client.go | 19 +- service/iotfleethub/auth.go | 8 +- service/iotfleethub/endpoints.go | 8 +- service/iotfleethub/options.go | 4 + service/iotfleetwise/api_client.go | 19 +- service/iotfleetwise/auth.go | 8 +- service/iotfleetwise/endpoints.go | 8 +- service/iotfleetwise/options.go | 4 + service/iotjobsdataplane/api_client.go | 19 +- service/iotjobsdataplane/auth.go | 8 +- service/iotjobsdataplane/endpoints.go | 8 +- service/iotjobsdataplane/options.go | 4 + service/iotroborunner/api_client.go | 19 +- service/iotroborunner/auth.go | 8 +- service/iotroborunner/endpoints.go | 8 +- service/iotroborunner/options.go | 4 + service/iotsecuretunneling/api_client.go | 19 +- service/iotsecuretunneling/auth.go | 8 +- service/iotsecuretunneling/endpoints.go | 8 +- service/iotsecuretunneling/options.go | 4 + service/iotsitewise/api_client.go | 19 +- service/iotsitewise/auth.go | 8 +- service/iotsitewise/endpoints.go | 8 +- service/iotsitewise/options.go | 4 + service/iotthingsgraph/api_client.go | 19 +- service/iotthingsgraph/auth.go | 8 +- service/iotthingsgraph/endpoints.go | 8 +- service/iotthingsgraph/options.go | 4 + service/iottwinmaker/api_client.go | 19 +- service/iottwinmaker/auth.go | 8 +- service/iottwinmaker/endpoints.go | 8 +- service/iottwinmaker/options.go | 4 + service/iotwireless/api_client.go | 19 +- service/iotwireless/auth.go | 8 +- service/iotwireless/endpoints.go | 8 +- service/iotwireless/options.go | 4 + service/ivs/api_client.go | 19 +- service/ivs/auth.go | 8 +- service/ivs/endpoints.go | 8 +- service/ivs/options.go | 4 + service/ivschat/api_client.go | 19 +- service/ivschat/auth.go | 8 +- service/ivschat/endpoints.go | 8 +- service/ivschat/options.go | 4 + service/ivsrealtime/api_client.go | 19 +- service/ivsrealtime/auth.go | 8 +- service/ivsrealtime/endpoints.go | 8 +- service/ivsrealtime/options.go | 4 + service/kafka/api_client.go | 19 +- service/kafka/auth.go | 8 +- service/kafka/endpoints.go | 8 +- service/kafka/options.go | 4 + service/kafkaconnect/api_client.go | 19 +- service/kafkaconnect/auth.go | 8 +- service/kafkaconnect/endpoints.go | 8 +- service/kafkaconnect/options.go | 4 + service/kendra/api_client.go | 19 +- service/kendra/auth.go | 8 +- service/kendra/endpoints.go | 8 +- service/kendra/options.go | 4 + service/kendraranking/api_client.go | 19 +- service/kendraranking/auth.go | 8 +- service/kendraranking/endpoints.go | 8 +- service/kendraranking/options.go | 4 + service/keyspaces/api_client.go | 19 +- service/keyspaces/auth.go | 8 +- service/keyspaces/endpoints.go | 8 +- service/keyspaces/options.go | 4 + service/kinesis/api_client.go | 19 +- service/kinesis/auth.go | 8 +- service/kinesis/endpoints.go | 8 +- service/kinesis/options.go | 4 + service/kinesisanalytics/api_client.go | 19 +- service/kinesisanalytics/auth.go | 8 +- service/kinesisanalytics/endpoints.go | 8 +- service/kinesisanalytics/options.go | 4 + service/kinesisanalyticsv2/api_client.go | 19 +- service/kinesisanalyticsv2/auth.go | 8 +- service/kinesisanalyticsv2/endpoints.go | 8 +- service/kinesisanalyticsv2/options.go | 4 + service/kinesisvideo/api_client.go | 19 +- service/kinesisvideo/auth.go | 8 +- service/kinesisvideo/endpoints.go | 8 +- service/kinesisvideo/options.go | 4 + .../kinesisvideoarchivedmedia/api_client.go | 19 +- service/kinesisvideoarchivedmedia/auth.go | 8 +- .../kinesisvideoarchivedmedia/endpoints.go | 8 +- service/kinesisvideoarchivedmedia/options.go | 4 + service/kinesisvideomedia/api_client.go | 19 +- service/kinesisvideomedia/auth.go | 8 +- service/kinesisvideomedia/endpoints.go | 8 +- service/kinesisvideomedia/options.go | 4 + service/kinesisvideosignaling/api_client.go | 19 +- service/kinesisvideosignaling/auth.go | 8 +- service/kinesisvideosignaling/endpoints.go | 8 +- service/kinesisvideosignaling/options.go | 4 + .../kinesisvideowebrtcstorage/api_client.go | 19 +- service/kinesisvideowebrtcstorage/auth.go | 8 +- .../kinesisvideowebrtcstorage/endpoints.go | 8 +- service/kinesisvideowebrtcstorage/options.go | 4 + service/kms/api_client.go | 19 +- service/kms/auth.go | 8 +- service/kms/endpoints.go | 8 +- service/kms/options.go | 4 + service/lakeformation/api_client.go | 19 +- service/lakeformation/auth.go | 8 +- service/lakeformation/endpoints.go | 8 +- service/lakeformation/options.go | 4 + service/lambda/api_client.go | 19 +- service/lambda/auth.go | 8 +- service/lambda/endpoints.go | 8 +- service/lambda/options.go | 4 + service/launchwizard/api_client.go | 19 +- service/launchwizard/auth.go | 8 +- service/launchwizard/endpoints.go | 8 +- service/launchwizard/options.go | 4 + service/lexmodelbuildingservice/api_client.go | 19 +- service/lexmodelbuildingservice/auth.go | 8 +- service/lexmodelbuildingservice/endpoints.go | 8 +- service/lexmodelbuildingservice/options.go | 4 + service/lexmodelsv2/api_client.go | 19 +- service/lexmodelsv2/auth.go | 8 +- service/lexmodelsv2/endpoints.go | 8 +- service/lexmodelsv2/options.go | 4 + service/lexruntimeservice/api_client.go | 19 +- service/lexruntimeservice/auth.go | 8 +- service/lexruntimeservice/endpoints.go | 8 +- service/lexruntimeservice/options.go | 4 + service/lexruntimev2/api_client.go | 19 +- service/lexruntimev2/auth.go | 8 +- service/lexruntimev2/endpoints.go | 8 +- service/lexruntimev2/options.go | 4 + service/licensemanager/api_client.go | 19 +- service/licensemanager/auth.go | 8 +- service/licensemanager/endpoints.go | 8 +- service/licensemanager/options.go | 4 + .../api_client.go | 19 +- .../licensemanagerlinuxsubscriptions/auth.go | 8 +- .../endpoints.go | 8 +- .../options.go | 4 + .../api_client.go | 19 +- .../licensemanagerusersubscriptions/auth.go | 8 +- .../endpoints.go | 8 +- .../options.go | 4 + service/lightsail/api_client.go | 19 +- service/lightsail/auth.go | 8 +- service/lightsail/endpoints.go | 8 +- service/lightsail/options.go | 4 + service/location/api_client.go | 19 +- service/location/auth.go | 8 +- service/location/endpoints.go | 8 +- service/location/options.go | 4 + service/lookoutequipment/api_client.go | 19 +- service/lookoutequipment/auth.go | 8 +- service/lookoutequipment/endpoints.go | 8 +- service/lookoutequipment/options.go | 4 + service/lookoutmetrics/api_client.go | 19 +- service/lookoutmetrics/auth.go | 8 +- service/lookoutmetrics/endpoints.go | 8 +- service/lookoutmetrics/options.go | 4 + service/lookoutvision/api_client.go | 19 +- service/lookoutvision/auth.go | 8 +- service/lookoutvision/endpoints.go | 8 +- service/lookoutvision/options.go | 4 + service/m2/api_client.go | 19 +- service/m2/auth.go | 8 +- service/m2/endpoints.go | 8 +- service/m2/options.go | 4 + service/machinelearning/api_client.go | 19 +- service/machinelearning/auth.go | 8 +- service/machinelearning/endpoints.go | 8 +- service/machinelearning/options.go | 4 + service/macie2/api_client.go | 19 +- service/macie2/auth.go | 8 +- service/macie2/endpoints.go | 8 +- service/macie2/options.go | 4 + service/managedblockchain/api_client.go | 19 +- service/managedblockchain/auth.go | 8 +- service/managedblockchain/endpoints.go | 8 +- service/managedblockchain/options.go | 4 + service/managedblockchainquery/api_client.go | 19 +- service/managedblockchainquery/auth.go | 8 +- service/managedblockchainquery/endpoints.go | 8 +- service/managedblockchainquery/options.go | 4 + service/marketplaceagreement/api_client.go | 19 +- service/marketplaceagreement/auth.go | 8 +- service/marketplaceagreement/endpoints.go | 8 +- service/marketplaceagreement/options.go | 4 + service/marketplacecatalog/api_client.go | 19 +- service/marketplacecatalog/auth.go | 8 +- service/marketplacecatalog/endpoints.go | 8 +- service/marketplacecatalog/options.go | 4 + .../api_client.go | 19 +- service/marketplacecommerceanalytics/auth.go | 8 +- .../marketplacecommerceanalytics/endpoints.go | 8 +- .../marketplacecommerceanalytics/options.go | 4 + service/marketplacedeployment/api_client.go | 19 +- service/marketplacedeployment/auth.go | 8 +- service/marketplacedeployment/endpoints.go | 8 +- service/marketplacedeployment/options.go | 4 + .../api_client.go | 19 +- service/marketplaceentitlementservice/auth.go | 8 +- .../endpoints.go | 8 +- .../marketplaceentitlementservice/options.go | 4 + service/marketplacemetering/api_client.go | 19 +- service/marketplacemetering/auth.go | 8 +- service/marketplacemetering/endpoints.go | 8 +- service/marketplacemetering/options.go | 4 + service/mediaconnect/api_client.go | 19 +- service/mediaconnect/auth.go | 8 +- service/mediaconnect/endpoints.go | 8 +- service/mediaconnect/options.go | 4 + service/mediaconvert/api_client.go | 19 +- service/mediaconvert/auth.go | 8 +- service/mediaconvert/endpoints.go | 8 +- service/mediaconvert/options.go | 4 + service/medialive/api_client.go | 19 +- service/medialive/auth.go | 8 +- service/medialive/endpoints.go | 8 +- service/medialive/options.go | 4 + service/mediapackage/api_client.go | 19 +- service/mediapackage/auth.go | 8 +- service/mediapackage/endpoints.go | 8 +- service/mediapackage/options.go | 4 + service/mediapackagev2/api_client.go | 19 +- service/mediapackagev2/auth.go | 8 +- service/mediapackagev2/endpoints.go | 8 +- service/mediapackagev2/options.go | 4 + service/mediapackagevod/api_client.go | 19 +- service/mediapackagevod/auth.go | 8 +- service/mediapackagevod/endpoints.go | 8 +- service/mediapackagevod/options.go | 4 + service/mediastore/api_client.go | 19 +- service/mediastore/auth.go | 8 +- service/mediastore/endpoints.go | 8 +- service/mediastore/options.go | 4 + service/mediastoredata/api_client.go | 19 +- service/mediastoredata/auth.go | 8 +- service/mediastoredata/endpoints.go | 8 +- service/mediastoredata/options.go | 4 + service/mediatailor/api_client.go | 19 +- service/mediatailor/auth.go | 8 +- service/mediatailor/endpoints.go | 8 +- service/mediatailor/options.go | 4 + service/medicalimaging/api_client.go | 19 +- service/medicalimaging/auth.go | 8 +- service/medicalimaging/endpoints.go | 8 +- service/medicalimaging/options.go | 4 + service/memorydb/api_client.go | 19 +- service/memorydb/auth.go | 8 +- service/memorydb/endpoints.go | 8 +- service/memorydb/options.go | 4 + service/mgn/api_client.go | 19 +- service/mgn/auth.go | 8 +- service/mgn/endpoints.go | 8 +- service/mgn/options.go | 4 + service/migrationhub/api_client.go | 19 +- service/migrationhub/auth.go | 8 +- service/migrationhub/endpoints.go | 8 +- service/migrationhub/options.go | 4 + service/migrationhubconfig/api_client.go | 19 +- service/migrationhubconfig/auth.go | 8 +- service/migrationhubconfig/endpoints.go | 8 +- service/migrationhubconfig/options.go | 4 + .../migrationhuborchestrator/api_client.go | 19 +- service/migrationhuborchestrator/auth.go | 8 +- service/migrationhuborchestrator/endpoints.go | 8 +- service/migrationhuborchestrator/options.go | 4 + .../migrationhubrefactorspaces/api_client.go | 19 +- service/migrationhubrefactorspaces/auth.go | 8 +- .../migrationhubrefactorspaces/endpoints.go | 8 +- service/migrationhubrefactorspaces/options.go | 4 + service/migrationhubstrategy/api_client.go | 19 +- service/migrationhubstrategy/auth.go | 8 +- service/migrationhubstrategy/endpoints.go | 8 +- service/migrationhubstrategy/options.go | 4 + service/mobile/api_client.go | 19 +- service/mobile/auth.go | 8 +- service/mobile/endpoints.go | 8 +- service/mobile/options.go | 4 + service/mq/api_client.go | 19 +- service/mq/auth.go | 8 +- service/mq/endpoints.go | 8 +- service/mq/options.go | 4 + service/mturk/api_client.go | 19 +- service/mturk/auth.go | 8 +- service/mturk/endpoints.go | 8 +- service/mturk/options.go | 4 + service/mwaa/api_client.go | 19 +- service/mwaa/auth.go | 8 +- service/mwaa/endpoints.go | 8 +- service/mwaa/options.go | 4 + service/neptune/api_client.go | 19 +- service/neptune/auth.go | 8 +- service/neptune/endpoints.go | 8 +- service/neptune/options.go | 4 + service/neptunedata/api_client.go | 19 +- service/neptunedata/auth.go | 8 +- service/neptunedata/endpoints.go | 8 +- service/neptunedata/options.go | 4 + service/neptunegraph/api_client.go | 19 +- service/neptunegraph/auth.go | 8 +- service/neptunegraph/endpoints.go | 8 +- service/neptunegraph/options.go | 4 + service/networkfirewall/api_client.go | 19 +- service/networkfirewall/auth.go | 8 +- service/networkfirewall/endpoints.go | 8 +- service/networkfirewall/options.go | 4 + service/networkmanager/api_client.go | 19 +- service/networkmanager/auth.go | 8 +- service/networkmanager/endpoints.go | 8 +- service/networkmanager/options.go | 4 + service/networkmonitor/api_client.go | 19 +- service/networkmonitor/auth.go | 8 +- service/networkmonitor/endpoints.go | 8 +- service/networkmonitor/options.go | 4 + service/nimble/api_client.go | 19 +- service/nimble/auth.go | 8 +- service/nimble/endpoints.go | 8 +- service/nimble/options.go | 4 + service/oam/api_client.go | 19 +- service/oam/auth.go | 8 +- service/oam/endpoints.go | 8 +- service/oam/options.go | 4 + service/omics/api_client.go | 19 +- service/omics/auth.go | 8 +- service/omics/endpoints.go | 8 +- service/omics/options.go | 4 + service/opensearch/api_client.go | 19 +- service/opensearch/auth.go | 8 +- service/opensearch/endpoints.go | 8 +- service/opensearch/options.go | 4 + service/opensearchserverless/api_client.go | 19 +- service/opensearchserverless/auth.go | 8 +- service/opensearchserverless/endpoints.go | 8 +- service/opensearchserverless/options.go | 4 + service/opsworks/api_client.go | 19 +- service/opsworks/auth.go | 8 +- service/opsworks/endpoints.go | 8 +- service/opsworks/options.go | 4 + service/opsworkscm/api_client.go | 19 +- service/opsworkscm/auth.go | 8 +- service/opsworkscm/endpoints.go | 8 +- service/opsworkscm/options.go | 4 + service/organizations/api_client.go | 19 +- service/organizations/auth.go | 8 +- service/organizations/endpoints.go | 8 +- service/organizations/options.go | 4 + service/osis/api_client.go | 19 +- service/osis/auth.go | 8 +- service/osis/endpoints.go | 8 +- service/osis/options.go | 4 + service/outposts/api_client.go | 19 +- service/outposts/auth.go | 8 +- service/outposts/endpoints.go | 8 +- service/outposts/options.go | 4 + service/panorama/api_client.go | 19 +- service/panorama/auth.go | 8 +- service/panorama/endpoints.go | 8 +- service/panorama/options.go | 4 + service/paymentcryptography/api_client.go | 19 +- service/paymentcryptography/auth.go | 8 +- service/paymentcryptography/endpoints.go | 8 +- service/paymentcryptography/options.go | 4 + service/paymentcryptographydata/api_client.go | 19 +- service/paymentcryptographydata/auth.go | 8 +- service/paymentcryptographydata/endpoints.go | 8 +- service/paymentcryptographydata/options.go | 4 + service/pcaconnectorad/api_client.go | 19 +- service/pcaconnectorad/auth.go | 8 +- service/pcaconnectorad/endpoints.go | 8 +- service/pcaconnectorad/options.go | 4 + service/personalize/api_client.go | 19 +- service/personalize/auth.go | 8 +- service/personalize/endpoints.go | 8 +- service/personalize/options.go | 4 + service/personalizeevents/api_client.go | 19 +- service/personalizeevents/auth.go | 8 +- service/personalizeevents/endpoints.go | 8 +- service/personalizeevents/options.go | 4 + service/personalizeruntime/api_client.go | 19 +- service/personalizeruntime/auth.go | 8 +- service/personalizeruntime/endpoints.go | 8 +- service/personalizeruntime/options.go | 4 + service/pi/api_client.go | 19 +- service/pi/auth.go | 8 +- service/pi/endpoints.go | 8 +- service/pi/options.go | 4 + service/pinpoint/api_client.go | 19 +- service/pinpoint/auth.go | 8 +- service/pinpoint/endpoints.go | 8 +- service/pinpoint/options.go | 4 + service/pinpointemail/api_client.go | 19 +- service/pinpointemail/auth.go | 8 +- service/pinpointemail/endpoints.go | 8 +- service/pinpointemail/options.go | 4 + service/pinpointsmsvoice/api_client.go | 19 +- service/pinpointsmsvoice/auth.go | 8 +- service/pinpointsmsvoice/endpoints.go | 8 +- service/pinpointsmsvoice/options.go | 4 + service/pinpointsmsvoicev2/api_client.go | 19 +- service/pinpointsmsvoicev2/auth.go | 8 +- service/pinpointsmsvoicev2/endpoints.go | 8 +- service/pinpointsmsvoicev2/options.go | 4 + service/pipes/api_client.go | 19 +- service/pipes/auth.go | 8 +- service/pipes/endpoints.go | 8 +- service/pipes/options.go | 4 + service/polly/api_client.go | 19 +- service/polly/auth.go | 8 +- service/polly/endpoints.go | 8 +- service/polly/options.go | 4 + service/pricing/api_client.go | 19 +- service/pricing/auth.go | 8 +- service/pricing/endpoints.go | 8 +- service/pricing/options.go | 4 + service/privatenetworks/api_client.go | 19 +- service/privatenetworks/auth.go | 8 +- service/privatenetworks/endpoints.go | 8 +- service/privatenetworks/options.go | 4 + service/proton/api_client.go | 19 +- service/proton/auth.go | 8 +- service/proton/endpoints.go | 8 +- service/proton/options.go | 4 + service/qbusiness/api_client.go | 19 +- service/qbusiness/auth.go | 8 +- service/qbusiness/endpoints.go | 8 +- service/qbusiness/options.go | 4 + service/qconnect/api_client.go | 19 +- service/qconnect/auth.go | 8 +- service/qconnect/endpoints.go | 8 +- service/qconnect/options.go | 4 + service/qldb/api_client.go | 19 +- service/qldb/auth.go | 8 +- service/qldb/endpoints.go | 8 +- service/qldb/options.go | 4 + service/qldbsession/api_client.go | 19 +- service/qldbsession/auth.go | 8 +- service/qldbsession/endpoints.go | 8 +- service/qldbsession/options.go | 4 + service/quicksight/api_client.go | 19 +- service/quicksight/auth.go | 8 +- service/quicksight/endpoints.go | 8 +- service/quicksight/options.go | 4 + service/ram/api_client.go | 19 +- service/ram/auth.go | 8 +- service/ram/endpoints.go | 8 +- service/ram/options.go | 4 + service/rbin/api_client.go | 19 +- service/rbin/auth.go | 8 +- service/rbin/endpoints.go | 8 +- service/rbin/options.go | 4 + service/rds/api_client.go | 19 +- service/rds/auth.go | 8 +- service/rds/endpoints.go | 8 +- service/rds/options.go | 4 + service/rdsdata/api_client.go | 19 +- service/rdsdata/auth.go | 8 +- service/rdsdata/endpoints.go | 8 +- service/rdsdata/options.go | 4 + service/redshift/api_client.go | 19 +- service/redshift/auth.go | 8 +- service/redshift/endpoints.go | 8 +- service/redshift/options.go | 4 + service/redshiftdata/api_client.go | 19 +- service/redshiftdata/auth.go | 8 +- service/redshiftdata/endpoints.go | 8 +- service/redshiftdata/options.go | 4 + service/redshiftserverless/api_client.go | 19 +- service/redshiftserverless/auth.go | 8 +- service/redshiftserverless/endpoints.go | 8 +- service/redshiftserverless/options.go | 4 + service/rekognition/api_client.go | 19 +- service/rekognition/auth.go | 8 +- service/rekognition/endpoints.go | 8 +- service/rekognition/options.go | 4 + service/repostspace/api_client.go | 19 +- service/repostspace/auth.go | 8 +- service/repostspace/endpoints.go | 8 +- service/repostspace/options.go | 4 + service/resiliencehub/api_client.go | 19 +- service/resiliencehub/auth.go | 8 +- service/resiliencehub/endpoints.go | 8 +- service/resiliencehub/options.go | 4 + service/resourceexplorer2/api_client.go | 19 +- service/resourceexplorer2/auth.go | 8 +- service/resourceexplorer2/endpoints.go | 8 +- service/resourceexplorer2/options.go | 4 + service/resourcegroups/api_client.go | 19 +- service/resourcegroups/auth.go | 8 +- service/resourcegroups/endpoints.go | 8 +- service/resourcegroups/options.go | 4 + .../resourcegroupstaggingapi/api_client.go | 19 +- service/resourcegroupstaggingapi/auth.go | 8 +- service/resourcegroupstaggingapi/endpoints.go | 8 +- service/resourcegroupstaggingapi/options.go | 4 + service/robomaker/api_client.go | 19 +- service/robomaker/auth.go | 8 +- service/robomaker/endpoints.go | 8 +- service/robomaker/options.go | 4 + service/rolesanywhere/api_client.go | 19 +- service/rolesanywhere/auth.go | 8 +- service/rolesanywhere/endpoints.go | 8 +- service/rolesanywhere/options.go | 4 + service/route53/api_client.go | 19 +- service/route53/auth.go | 8 +- service/route53/endpoints.go | 8 +- service/route53/options.go | 4 + service/route53domains/api_client.go | 19 +- service/route53domains/auth.go | 8 +- service/route53domains/endpoints.go | 8 +- service/route53domains/options.go | 4 + service/route53recoverycluster/api_client.go | 19 +- service/route53recoverycluster/auth.go | 8 +- service/route53recoverycluster/endpoints.go | 8 +- service/route53recoverycluster/options.go | 4 + .../api_client.go | 19 +- service/route53recoverycontrolconfig/auth.go | 8 +- .../route53recoverycontrolconfig/endpoints.go | 8 +- .../route53recoverycontrolconfig/options.go | 4 + .../route53recoveryreadiness/api_client.go | 19 +- service/route53recoveryreadiness/auth.go | 8 +- service/route53recoveryreadiness/endpoints.go | 8 +- service/route53recoveryreadiness/options.go | 4 + service/route53resolver/api_client.go | 19 +- service/route53resolver/auth.go | 8 +- service/route53resolver/endpoints.go | 8 +- service/route53resolver/options.go | 4 + service/rum/api_client.go | 19 +- service/rum/auth.go | 8 +- service/rum/endpoints.go | 8 +- service/rum/options.go | 4 + service/s3/api_client.go | 19 +- service/s3/auth.go | 14 +- service/s3/endpoints.go | 8 +- service/s3/options.go | 4 + service/s3control/api_client.go | 19 +- service/s3control/auth.go | 8 +- service/s3control/endpoints.go | 8 +- service/s3control/options.go | 4 + service/s3outposts/api_client.go | 19 +- service/s3outposts/auth.go | 8 +- service/s3outposts/endpoints.go | 8 +- service/s3outposts/options.go | 4 + service/sagemaker/api_client.go | 19 +- service/sagemaker/auth.go | 8 +- service/sagemaker/endpoints.go | 8 +- service/sagemaker/options.go | 4 + service/sagemakera2iruntime/api_client.go | 19 +- service/sagemakera2iruntime/auth.go | 8 +- service/sagemakera2iruntime/endpoints.go | 8 +- service/sagemakera2iruntime/options.go | 4 + service/sagemakeredge/api_client.go | 19 +- service/sagemakeredge/auth.go | 8 +- service/sagemakeredge/endpoints.go | 8 +- service/sagemakeredge/options.go | 4 + .../api_client.go | 19 +- service/sagemakerfeaturestoreruntime/auth.go | 8 +- .../sagemakerfeaturestoreruntime/endpoints.go | 8 +- .../sagemakerfeaturestoreruntime/options.go | 4 + service/sagemakergeospatial/api_client.go | 19 +- service/sagemakergeospatial/auth.go | 8 +- service/sagemakergeospatial/endpoints.go | 8 +- service/sagemakergeospatial/options.go | 4 + service/sagemakermetrics/api_client.go | 19 +- service/sagemakermetrics/auth.go | 8 +- service/sagemakermetrics/endpoints.go | 8 +- service/sagemakermetrics/options.go | 4 + service/sagemakerruntime/api_client.go | 19 +- service/sagemakerruntime/auth.go | 8 +- service/sagemakerruntime/endpoints.go | 8 +- service/sagemakerruntime/options.go | 4 + service/savingsplans/api_client.go | 19 +- service/savingsplans/auth.go | 8 +- service/savingsplans/endpoints.go | 8 +- service/savingsplans/options.go | 4 + service/scheduler/api_client.go | 19 +- service/scheduler/auth.go | 8 +- service/scheduler/endpoints.go | 8 +- service/scheduler/options.go | 4 + service/schemas/api_client.go | 19 +- service/schemas/auth.go | 8 +- service/schemas/endpoints.go | 8 +- service/schemas/options.go | 4 + service/secretsmanager/api_client.go | 19 +- service/secretsmanager/auth.go | 8 +- service/secretsmanager/endpoints.go | 8 +- service/secretsmanager/options.go | 4 + service/securityhub/api_client.go | 19 +- service/securityhub/auth.go | 8 +- service/securityhub/endpoints.go | 8 +- service/securityhub/options.go | 4 + service/securitylake/api_client.go | 19 +- service/securitylake/auth.go | 8 +- service/securitylake/endpoints.go | 8 +- service/securitylake/options.go | 4 + .../api_client.go | 19 +- .../serverlessapplicationrepository/auth.go | 8 +- .../endpoints.go | 8 +- .../options.go | 4 + service/servicecatalog/api_client.go | 19 +- service/servicecatalog/auth.go | 8 +- service/servicecatalog/endpoints.go | 8 +- service/servicecatalog/options.go | 4 + .../servicecatalogappregistry/api_client.go | 19 +- service/servicecatalogappregistry/auth.go | 8 +- .../servicecatalogappregistry/endpoints.go | 8 +- service/servicecatalogappregistry/options.go | 4 + service/servicediscovery/api_client.go | 19 +- service/servicediscovery/auth.go | 8 +- service/servicediscovery/endpoints.go | 8 +- service/servicediscovery/options.go | 4 + service/servicequotas/api_client.go | 19 +- service/servicequotas/auth.go | 8 +- service/servicequotas/endpoints.go | 8 +- service/servicequotas/options.go | 4 + service/ses/api_client.go | 19 +- service/ses/auth.go | 8 +- service/ses/endpoints.go | 8 +- service/ses/options.go | 4 + service/sesv2/api_client.go | 19 +- service/sesv2/auth.go | 8 +- service/sesv2/endpoints.go | 8 +- service/sesv2/options.go | 4 + service/sfn/api_client.go | 19 +- service/sfn/auth.go | 8 +- service/sfn/endpoints.go | 8 +- service/sfn/options.go | 4 + service/shield/api_client.go | 19 +- service/shield/auth.go | 8 +- service/shield/endpoints.go | 8 +- service/shield/options.go | 4 + service/signer/api_client.go | 19 +- service/signer/auth.go | 8 +- service/signer/endpoints.go | 8 +- service/signer/options.go | 4 + service/simspaceweaver/api_client.go | 19 +- service/simspaceweaver/auth.go | 8 +- service/simspaceweaver/endpoints.go | 8 +- service/simspaceweaver/options.go | 4 + service/sms/api_client.go | 19 +- service/sms/auth.go | 8 +- service/sms/endpoints.go | 8 +- service/sms/options.go | 4 + service/snowball/api_client.go | 19 +- service/snowball/auth.go | 8 +- service/snowball/endpoints.go | 8 +- service/snowball/options.go | 4 + service/snowdevicemanagement/api_client.go | 19 +- service/snowdevicemanagement/auth.go | 8 +- service/snowdevicemanagement/endpoints.go | 8 +- service/snowdevicemanagement/options.go | 4 + service/sns/api_client.go | 19 +- service/sns/auth.go | 8 +- service/sns/endpoints.go | 8 +- service/sns/options.go | 4 + service/sqs/api_client.go | 19 +- service/sqs/auth.go | 8 +- service/sqs/endpoints.go | 8 +- service/sqs/options.go | 4 + service/ssm/api_client.go | 19 +- service/ssm/auth.go | 8 +- service/ssm/endpoints.go | 8 +- service/ssm/options.go | 4 + service/ssmcontacts/api_client.go | 19 +- service/ssmcontacts/auth.go | 8 +- service/ssmcontacts/endpoints.go | 8 +- service/ssmcontacts/options.go | 4 + service/ssmincidents/api_client.go | 19 +- service/ssmincidents/auth.go | 8 +- service/ssmincidents/endpoints.go | 8 +- service/ssmincidents/options.go | 4 + service/ssmsap/api_client.go | 19 +- service/ssmsap/auth.go | 8 +- service/ssmsap/endpoints.go | 8 +- service/ssmsap/options.go | 4 + service/sso/api_client.go | 19 +- service/sso/auth.go | 8 +- service/sso/endpoints.go | 8 +- service/sso/options.go | 4 + service/ssoadmin/api_client.go | 19 +- service/ssoadmin/auth.go | 8 +- service/ssoadmin/endpoints.go | 8 +- service/ssoadmin/options.go | 4 + service/ssooidc/api_client.go | 19 +- service/ssooidc/auth.go | 8 +- service/ssooidc/endpoints.go | 8 +- service/ssooidc/options.go | 4 + service/storagegateway/api_client.go | 19 +- service/storagegateway/auth.go | 8 +- service/storagegateway/endpoints.go | 8 +- service/storagegateway/options.go | 4 + service/sts/api_client.go | 19 +- service/sts/auth.go | 8 +- service/sts/endpoints.go | 8 +- service/sts/options.go | 4 + service/support/api_client.go | 19 +- service/support/auth.go | 8 +- service/support/endpoints.go | 8 +- service/support/options.go | 4 + service/supportapp/api_client.go | 19 +- service/supportapp/auth.go | 8 +- service/supportapp/endpoints.go | 8 +- service/supportapp/options.go | 4 + service/swf/api_client.go | 19 +- service/swf/auth.go | 8 +- service/swf/endpoints.go | 8 +- service/swf/options.go | 4 + service/synthetics/api_client.go | 19 +- service/synthetics/auth.go | 8 +- service/synthetics/endpoints.go | 8 +- service/synthetics/options.go | 4 + service/textract/api_client.go | 19 +- service/textract/auth.go | 8 +- service/textract/endpoints.go | 8 +- service/textract/options.go | 4 + service/timestreamquery/api_client.go | 19 +- service/timestreamquery/auth.go | 8 +- service/timestreamquery/endpoints.go | 8 +- service/timestreamquery/options.go | 4 + service/timestreamwrite/api_client.go | 19 +- service/timestreamwrite/auth.go | 8 +- service/timestreamwrite/endpoints.go | 8 +- service/timestreamwrite/options.go | 4 + service/tnb/api_client.go | 19 +- service/tnb/auth.go | 8 +- service/tnb/endpoints.go | 8 +- service/tnb/options.go | 4 + service/transcribe/api_client.go | 19 +- service/transcribe/auth.go | 8 +- service/transcribe/endpoints.go | 8 +- service/transcribe/options.go | 4 + service/transcribestreaming/api_client.go | 19 +- service/transcribestreaming/auth.go | 8 +- service/transcribestreaming/endpoints.go | 8 +- service/transcribestreaming/options.go | 4 + service/transfer/api_client.go | 19 +- service/transfer/auth.go | 8 +- service/transfer/endpoints.go | 8 +- service/transfer/options.go | 4 + service/translate/api_client.go | 19 +- service/translate/auth.go | 8 +- service/translate/endpoints.go | 8 +- service/translate/options.go | 4 + service/trustedadvisor/api_client.go | 19 +- service/trustedadvisor/auth.go | 8 +- service/trustedadvisor/endpoints.go | 8 +- service/trustedadvisor/options.go | 4 + service/verifiedpermissions/api_client.go | 19 +- service/verifiedpermissions/auth.go | 8 +- service/verifiedpermissions/endpoints.go | 8 +- service/verifiedpermissions/options.go | 4 + service/voiceid/api_client.go | 19 +- service/voiceid/auth.go | 8 +- service/voiceid/endpoints.go | 8 +- service/voiceid/options.go | 4 + service/vpclattice/api_client.go | 19 +- service/vpclattice/auth.go | 8 +- service/vpclattice/endpoints.go | 8 +- service/vpclattice/options.go | 4 + service/waf/api_client.go | 19 +- service/waf/auth.go | 8 +- service/waf/endpoints.go | 8 +- service/waf/options.go | 4 + service/wafregional/api_client.go | 19 +- service/wafregional/auth.go | 8 +- service/wafregional/endpoints.go | 8 +- service/wafregional/options.go | 4 + service/wafv2/api_client.go | 19 +- service/wafv2/auth.go | 8 +- service/wafv2/endpoints.go | 8 +- service/wafv2/options.go | 4 + service/wellarchitected/api_client.go | 19 +- service/wellarchitected/auth.go | 8 +- service/wellarchitected/endpoints.go | 8 +- service/wellarchitected/options.go | 4 + service/wisdom/api_client.go | 19 +- service/wisdom/auth.go | 8 +- service/wisdom/endpoints.go | 8 +- service/wisdom/options.go | 4 + service/workdocs/api_client.go | 19 +- service/workdocs/auth.go | 8 +- service/workdocs/endpoints.go | 8 +- service/workdocs/options.go | 4 + service/worklink/api_client.go | 19 +- service/worklink/auth.go | 8 +- service/worklink/endpoints.go | 8 +- service/worklink/options.go | 4 + service/workmail/api_client.go | 19 +- service/workmail/auth.go | 8 +- service/workmail/endpoints.go | 8 +- service/workmail/options.go | 4 + service/workmailmessageflow/api_client.go | 19 +- service/workmailmessageflow/auth.go | 8 +- service/workmailmessageflow/endpoints.go | 8 +- service/workmailmessageflow/options.go | 4 + service/workspaces/api_client.go | 19 +- service/workspaces/auth.go | 8 +- service/workspaces/endpoints.go | 8 +- service/workspaces/options.go | 4 + service/workspacesthinclient/api_client.go | 19 +- service/workspacesthinclient/auth.go | 8 +- service/workspacesthinclient/endpoints.go | 8 +- service/workspacesthinclient/options.go | 4 + service/workspacesweb/api_client.go | 19 +- service/workspacesweb/auth.go | 8 +- service/workspacesweb/endpoints.go | 8 +- service/workspacesweb/options.go | 4 + service/xray/api_client.go | 19 +- service/xray/auth.go | 8 +- service/xray/endpoints.go | 8 +- service/xray/options.go | 4 + 1550 files changed, 10225 insertions(+), 5655 deletions(-) create mode 100644 aws/accountid/account_id.go create mode 100644 aws/accountid/mode/mode.go create mode 100644 service/dynamodb/api_op_UpdateKinesisStreamingDestination.go diff --git a/aws/accountid/account_id.go b/aws/accountid/account_id.go new file mode 100644 index 00000000000..3b41ba1d040 --- /dev/null +++ b/aws/accountid/account_id.go @@ -0,0 +1,36 @@ +package accountid + +import ( + "fmt" + "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" + "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" + "github.com/aws/smithy-go/auth" +) + +func AccountID(identity auth.Identity, mode accountidmode.AIDMode) *string { + if ca, ok := identity.(*smithy.CredentialsAdapter); ok && (mode == accountidmode.Preferred || mode == accountidmode.Required) { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func CheckAccountID(identity auth.Identity, mode accountidmode.AIDMode) error { + switch mode { + case accountidmode.Preferred: + case accountidmode.Disabled: + case accountidmode.Required: + if ca, ok := identity.(*smithy.CredentialsAdapter); !ok { + return fmt.Errorf("the identity provider could not be converted to a valid " + + "credentials adapter and provide an accountID, should try to configure a valid credentials provider") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("the required accountID could not be empty") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled") + } + + return nil +} diff --git a/aws/accountid/mode/mode.go b/aws/accountid/mode/mode.go new file mode 100644 index 00000000000..8f3ff2d2900 --- /dev/null +++ b/aws/accountid/mode/mode.go @@ -0,0 +1,27 @@ +package mode + +import "fmt" + +// AIDMode switches on/off the account ID based endpoint routing +type AIDMode string + +const ( + Preferred AIDMode = "preferred" + Required AIDMode = "required" + Disabled AIDMode = "disabled" +) + +func (mode *AIDMode) SetFromString(s string) error { + switch { + case s == "preferred": + *mode = Preferred + case s == "required": + *mode = Required + case s == "disabled": + *mode = Disabled + default: + return fmt.Errorf("unknown account id mode, must be preferred/required/disabled") + } + + return nil +} diff --git a/aws/config.go b/aws/config.go index 2264200c169..44a734e45ec 100644 --- a/aws/config.go +++ b/aws/config.go @@ -1,6 +1,7 @@ package aws import ( + "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" "net/http" smithybearer "github.com/aws/smithy-go/auth/bearer" @@ -162,6 +163,10 @@ type Config struct { // This variable is sourced from environment variable AWS_REQUEST_MIN_COMPRESSION_SIZE_BYTES or // the shared config profile attribute request_min_compression_size_bytes RequestMinCompressSizeBytes int64 + + // AccountIDEndpointMode indicates how aws account ID is applied in endpoint2.0 routing. + // Will be set to preferred by default. Supported modes are: Preferred, Required and Disabled + AccountIDEndpointMode mode.AIDMode } // NewConfig returns a new Config pointer that can be chained with builder diff --git a/codegen/sdk-codegen/aws-models/dynamodb.json b/codegen/sdk-codegen/aws-models/dynamodb.json index c47b042f527..bfa78eaf3b6 100644 --- a/codegen/sdk-codegen/aws-models/dynamodb.json +++ b/codegen/sdk-codegen/aws-models/dynamodb.json @@ -29,6 +29,23 @@ ] }, "shapes": { + "com.amazonaws.dynamodb#ApproximateCreationDateTimePrecision": { + "type": "enum", + "members": { + "MILLISECOND": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "MILLISECOND" + } + }, + "MICROSECOND": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "MICROSECOND" + } + } + } + }, "com.amazonaws.dynamodb#ArchivalReason": { "type": "string" }, @@ -3475,6 +3492,12 @@ "traits": { "smithy.api#enumValue": "ENABLE_FAILED" } + }, + "UPDATING": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "UPDATING" + } } } }, @@ -3679,6 +3702,9 @@ { "target": "com.amazonaws.dynamodb#UpdateItem" }, + { + "target": "com.amazonaws.dynamodb#UpdateKinesisStreamingDestination" + }, { "target": "com.amazonaws.dynamodb#UpdateTable" }, @@ -4791,6 +4817,20 @@ } } }, + "com.amazonaws.dynamodb#EnableKinesisStreamingConfiguration": { + "type": "structure", + "members": { + "ApproximateCreationDateTimePrecision": { + "target": "com.amazonaws.dynamodb#ApproximateCreationDateTimePrecision", + "traits": { + "smithy.api#documentation": "

Toggle for the precision of Kinesis data stream timestamp. The values are either MILLISECOND or MICROSECOND.

" + } + } + }, + "traits": { + "smithy.api#documentation": "

Enables setting the configuration for Kinesis Streaming.

" + } + }, "com.amazonaws.dynamodb#EnableKinesisStreamingDestination": { "type": "operation", "input": { @@ -6959,6 +6999,12 @@ "traits": { "smithy.api#documentation": "

The human-readable string that corresponds to the replica status.

" } + }, + "ApproximateCreationDateTimePrecision": { + "target": "com.amazonaws.dynamodb#ApproximateCreationDateTimePrecision", + "traits": { + "smithy.api#documentation": "

The precision of the Kinesis data stream timestamp. The values are either MILLISECOND or MICROSECOND.

" + } } }, "traits": { @@ -6987,6 +7033,12 @@ "smithy.api#documentation": "

The ARN for a Kinesis data stream.

", "smithy.api#required": {} } + }, + "EnableKinesisStreamingConfiguration": { + "target": "com.amazonaws.dynamodb#EnableKinesisStreamingConfiguration", + "traits": { + "smithy.api#documentation": "

The source for the Kinesis streaming information that is being enabled.

" + } } } }, @@ -7010,6 +7062,12 @@ "traits": { "smithy.api#documentation": "

The current status of the replication.

" } + }, + "EnableKinesisStreamingConfiguration": { + "target": "com.amazonaws.dynamodb#EnableKinesisStreamingConfiguration", + "traits": { + "smithy.api#documentation": "

The destination for the Kinesis streaming information that is being enabled.

" + } } } }, @@ -7777,7 +7835,7 @@ "Statement": { "target": "com.amazonaws.dynamodb#PartiQLStatement", "traits": { - "smithy.api#documentation": "

A PartiQL statment that uses parameters.

", + "smithy.api#documentation": "

A PartiQL statement that uses parameters.

", "smithy.api#required": {} } }, @@ -7795,7 +7853,7 @@ } }, "traits": { - "smithy.api#documentation": "

Represents a PartiQL statment that uses parameters.

" + "smithy.api#documentation": "

Represents a PartiQL statement that uses parameters.

" } }, "com.amazonaws.dynamodb#ParameterizedStatements": { @@ -11743,6 +11801,112 @@ "smithy.api#output": {} } }, + "com.amazonaws.dynamodb#UpdateKinesisStreamingConfiguration": { + "type": "structure", + "members": { + "ApproximateCreationDateTimePrecision": { + "target": "com.amazonaws.dynamodb#ApproximateCreationDateTimePrecision", + "traits": { + "smithy.api#documentation": "

Enables updating the precision of Kinesis data stream timestamp.

" + } + } + }, + "traits": { + "smithy.api#documentation": "

Enables updating the configuration for Kinesis Streaming.

" + } + }, + "com.amazonaws.dynamodb#UpdateKinesisStreamingDestination": { + "type": "operation", + "input": { + "target": "com.amazonaws.dynamodb#UpdateKinesisStreamingDestinationInput" + }, + "output": { + "target": "com.amazonaws.dynamodb#UpdateKinesisStreamingDestinationOutput" + }, + "errors": [ + { + "target": "com.amazonaws.dynamodb#InternalServerError" + }, + { + "target": "com.amazonaws.dynamodb#InvalidEndpointException" + }, + { + "target": "com.amazonaws.dynamodb#LimitExceededException" + }, + { + "target": "com.amazonaws.dynamodb#ResourceInUseException" + }, + { + "target": "com.amazonaws.dynamodb#ResourceNotFoundException" + } + ], + "traits": { + "aws.api#clientDiscoveredEndpoint": { + "required": false + }, + "smithy.api#documentation": "

The command to update the Kinesis stream destination.

" + } + }, + "com.amazonaws.dynamodb#UpdateKinesisStreamingDestinationInput": { + "type": "structure", + "members": { + "TableName": { + "target": "com.amazonaws.dynamodb#TableName", + "traits": { + "smithy.api#documentation": "

The table name for the Kinesis streaming destination input.

", + "smithy.api#required": {} + } + }, + "StreamArn": { + "target": "com.amazonaws.dynamodb#StreamArn", + "traits": { + "smithy.api#documentation": "

The ARN for the Kinesis stream input.

", + "smithy.api#required": {} + } + }, + "UpdateKinesisStreamingConfiguration": { + "target": "com.amazonaws.dynamodb#UpdateKinesisStreamingConfiguration", + "traits": { + "smithy.api#documentation": "

The command to update the Kinesis stream configuration.

" + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.dynamodb#UpdateKinesisStreamingDestinationOutput": { + "type": "structure", + "members": { + "TableName": { + "target": "com.amazonaws.dynamodb#TableName", + "traits": { + "smithy.api#documentation": "

The table name for the Kinesis streaming destination output.

" + } + }, + "StreamArn": { + "target": "com.amazonaws.dynamodb#StreamArn", + "traits": { + "smithy.api#documentation": "

The ARN for the Kinesis stream input.

" + } + }, + "DestinationStatus": { + "target": "com.amazonaws.dynamodb#DestinationStatus", + "traits": { + "smithy.api#documentation": "

The status of the attempt to update the Kinesis streaming destination output.

" + } + }, + "UpdateKinesisStreamingConfiguration": { + "target": "com.amazonaws.dynamodb#UpdateKinesisStreamingConfiguration", + "traits": { + "smithy.api#documentation": "

The command to update the Kinesis streaming destination configuration.

" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, "com.amazonaws.dynamodb#UpdateReplicationGroupMemberAction": { "type": "structure", "members": { diff --git a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/AddAwsConfigFields.java b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/AddAwsConfigFields.java index 59037cc6994..688bb90b1f4 100644 --- a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/AddAwsConfigFields.java +++ b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/AddAwsConfigFields.java @@ -81,6 +81,8 @@ public class AddAwsConfigFields implements GoIntegration { private static final String REQUEST_MIN_COMPRESSION_SIZE_BYTES = "RequestMinCompressSizeBytes"; + private static final String SDK_AID_ENDPOINT_MODE = "AccountIDEndpointMode"; + private static final List AWS_CONFIG_FIELDS = ListUtils.of( AwsConfigField.builder() .name(REGION_CONFIG_NAME) @@ -235,6 +237,11 @@ public class AddAwsConfigFields implements GoIntegration { .documentation("The inclusive min request body size to be compressed.") .servicePredicate(RequestCompression::isRequestCompressionService) .generatedOnClient(false) + .build(), + AwsConfigField.builder() + .name(SDK_AID_ENDPOINT_MODE) + .type(getAwsAccountIDModeSymbol("AIDMode")) + .documentation("Indicates how aws account ID is applied in endpoint2.0 routing") .build() ); @@ -258,6 +265,11 @@ private static Symbol getAwsRetrySymbol(String symbolName) { AwsGoDependency.AWS_RETRY).build(); } + private static Symbol getAwsAccountIDModeSymbol(String symbolName) { + return SymbolUtils.createValueSymbolBuilder(symbolName, + AwsGoDependency.AWS_ACCOUNT_ID_ENDPOINT_MODE).build(); + } + /** * Gets the sort order of the customization from -128 to 127, with lowest * executed first. diff --git a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/AwsGoDependency.java b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/AwsGoDependency.java index d5c7b414a4e..1eb93e39591 100644 --- a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/AwsGoDependency.java +++ b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/AwsGoDependency.java @@ -64,6 +64,9 @@ public class AwsGoDependency { public static final GoDependency REGEXP = SmithyGoDependency.stdlib("regexp"); + public static final GoDependency AWS_ACCOUNT_ID = aws("aws/accountid", "accountid"); + public static final GoDependency AWS_ACCOUNT_ID_ENDPOINT_MODE = aws("aws/accountid/mode", "accountidmode"); + protected AwsGoDependency() { } diff --git a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/LegacyEndpointContextSetter.java b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/LegacyEndpointContextSetter.java index 93e16975fdf..e175bb64abf 100644 --- a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/LegacyEndpointContextSetter.java +++ b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/LegacyEndpointContextSetter.java @@ -7,6 +7,7 @@ import software.amazon.smithy.go.codegen.GoDelegator; import software.amazon.smithy.go.codegen.GoSettings; import software.amazon.smithy.go.codegen.GoStackStepMiddlewareGenerator; +import software.amazon.smithy.go.codegen.GoStdlibTypes; import software.amazon.smithy.go.codegen.GoWriter; import software.amazon.smithy.go.codegen.MiddlewareIdentifier; import software.amazon.smithy.go.codegen.SmithyGoDependency; @@ -63,7 +64,13 @@ public void renderPreEndpointResolutionHook(GoSettings settings, GoWriter writer if $T(ctx) { return next.HandleFinalize(ctx, in) } - """, SdkGoTypes.Aws.Middleware.GetRequiresLegacyEndpoints); + if err := $T(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, $T("invalid accountID set: %w", err) + } + """, + SdkGoTypes.Aws.Middleware.GetRequiresLegacyEndpoints, + SdkGoTypes.Aws.AccountID.CheckAccountID, + GoStdlibTypes.Fmt.Errorf); } @Override diff --git a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/SdkGoTypes.java b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/SdkGoTypes.java index f960ae88d9e..17d52c6f9fb 100644 --- a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/SdkGoTypes.java +++ b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/SdkGoTypes.java @@ -48,6 +48,11 @@ public static final class Retry { public static final Symbol Attempt = AwsGoDependency.AWS_RETRY.pointableSymbol("Attempt"); public static final Symbol MetricsHeader = AwsGoDependency.AWS_RETRY.pointableSymbol("MetricsHeader"); } + + public static final class AccountID { + public static final Symbol AccountID = AwsGoDependency.AWS_ACCOUNT_ID.pointableSymbol("AccountID"); + public static final Symbol CheckAccountID = AwsGoDependency.AWS_ACCOUNT_ID.pointableSymbol("CheckAccountID"); + } } public static final class Internal { diff --git a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/AwsAuthResolution.java b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/AwsAuthResolution.java index 4ffcebaa92f..e5ead8d3449 100644 --- a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/AwsAuthResolution.java +++ b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/AwsAuthResolution.java @@ -19,6 +19,7 @@ import software.amazon.smithy.aws.traits.auth.SigV4Trait; import software.amazon.smithy.codegen.core.SymbolProvider; import software.amazon.smithy.go.codegen.GoDelegator; +import software.amazon.smithy.go.codegen.GoStdlibTypes; import software.amazon.smithy.go.codegen.GoSettings; import software.amazon.smithy.go.codegen.GoWriter; import software.amazon.smithy.go.codegen.SymbolUtils; @@ -94,7 +95,7 @@ private boolean isSigV4Service(Model model, ServiceShape service) { private GoWriter.Writable writeRegionResolver() { return goTemplate(""" - func bindAuthParamsRegion(params $P, _ interface{}, options Options) { + func bindAuthParamsRegion(params $P, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } """, AuthParametersGenerator.STRUCT_SYMBOL); @@ -102,9 +103,9 @@ func bindAuthParamsRegion(params $P, _ interface{}, options Options) { private GoWriter.Writable writeEndpointParamResolver() { return goTemplate(""" - func bindAuthEndpointParams(params $P, input interface{}, options Options) { - params.endpointParams = bindEndpointParams(input, options) + func bindAuthEndpointParams(params $P, input interface{}, options Options, ctx $P) { + params.endpointParams = bindEndpointParams(input, options, ctx) } - """, AuthParametersGenerator.STRUCT_SYMBOL); + """, AuthParametersGenerator.STRUCT_SYMBOL, GoStdlibTypes.Context.Context); } } \ No newline at end of file diff --git a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/AwsEndpointBuiltins.java b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/AwsEndpointBuiltins.java index 25a96c70532..458ed6078c5 100644 --- a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/AwsEndpointBuiltins.java +++ b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/AwsEndpointBuiltins.java @@ -32,6 +32,8 @@ public class AwsEndpointBuiltins implements GoIntegration { goTemplate("$T(options.UseARNRegion)", SdkGoTypes.Aws.Bool); private static final GoWriter.Writable BindAwsS3DisableMultiRegionAccessPoints = goTemplate("$T(options.DisableMultiRegionAccessPoints)", SdkGoTypes.Aws.Bool); + private static final GoWriter.Writable BindAccountID = + goTemplate("$T(getIdentity(ctx), options.AccountIDEndpointMode)", SdkGoTypes.Aws.AccountID.AccountID); @Override public List getClientPlugins() { @@ -45,6 +47,7 @@ public List getClientPlugins() { .addEndpointBuiltinBinding("AWS::S3::UseArnRegion", BindAwsS3UseArnRegion) .addEndpointBuiltinBinding("AWS::S3::DisableMultiRegionAccessPoints", BindAwsS3DisableMultiRegionAccessPoints) .addEndpointBuiltinBinding("AWS::S3Control::UseArnRegion", BindAwsS3UseArnRegion) + .addEndpointBuiltinBinding("AWS::Auth::AccountID", BindAccountID) .build()); } } diff --git a/config/config.go b/config/config.go index 50582d89d54..d5226cb0437 100644 --- a/config/config.go +++ b/config/config.go @@ -80,6 +80,9 @@ var defaultAWSConfigResolvers = []awsConfigResolver{ // Sets the RequestMinCompressSizeBytes if present in env var or shared config profile resolveRequestMinCompressSizeBytes, + + // Sets the AccountIDEndpointMode if present in env var or shared config profile + resolveAccountIDEndpointMode, } // A Config represents a generic configuration value or set of values. This type diff --git a/config/env_config.go b/config/env_config.go index 197147ce699..73877c982de 100644 --- a/config/env_config.go +++ b/config/env_config.go @@ -4,6 +4,7 @@ import ( "bytes" "context" "fmt" + "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" "io" "io/ioutil" "os" @@ -81,7 +82,8 @@ const ( awsS3DisableExpressSessionAuthEnv = "AWS_S3_DISABLE_EXPRESS_SESSION_AUTH" - awsAccountIDEnv = "AWS_ACCOUNT_ID" + awsAccountIDEnv = "AWS_ACCOUNT_ID" + awsAccountIDEndpointModeEnv = "AWS_ACCOUNT_ID_ENDPOINT_MODE" ) var ( @@ -292,6 +294,9 @@ type EnvConfig struct { // will only bypass the modified endpoint routing and signing behaviors // associated with the feature. S3DisableExpressAuth *bool + + // Indicates whether account ID will be required/ignored in endpoint2.0 routing + AccountIDEndpointMode mode.AIDMode } // loadEnvConfig reads configuration values from the OS's environment variables. @@ -392,6 +397,10 @@ func NewEnvConfig() (EnvConfig, error) { return cfg, err } + if err := setAIDEndPointModeFromEnvVal(&cfg.AccountIDEndpointMode, []string{awsAccountIDEndpointModeEnv}); err != nil { + return cfg, err + } + return cfg, nil } @@ -420,6 +429,10 @@ func (c EnvConfig) getRequestMinCompressSizeBytes(context.Context) (int64, bool, return *c.RequestMinCompressSizeBytes, true, nil } +func (c EnvConfig) getAccountIDEndpointMode(context.Context) (mode.AIDMode, bool, error) { + return c.AccountIDEndpointMode, len(c.AccountIDEndpointMode) > 0, nil +} + // GetRetryMaxAttempts returns the value of AWS_MAX_ATTEMPTS if was specified, // and not 0. func (c EnvConfig) GetRetryMaxAttempts(ctx context.Context) (int, bool, error) { @@ -494,6 +507,20 @@ func setEC2IMDSEndpointMode(mode *imds.EndpointModeState, keys []string) error { return nil } +func setAIDEndPointModeFromEnvVal(mode *mode.AIDMode, keys []string) error { + for _, k := range keys { + value := os.Getenv(k) + if len(value) == 0 { + continue + } + if err := mode.SetFromString(value); err != nil { + return fmt.Errorf("invalid value for environment variable, %s=%s, %v", k, value, err) + } + break + } + return nil +} + // GetRegion returns the AWS Region if set in the environment. Returns an empty // string if not set. func (c EnvConfig) getRegion(ctx context.Context) (string, bool, error) { diff --git a/config/env_config_test.go b/config/env_config_test.go index 37f2c8d21d9..2813763dc9e 100644 --- a/config/env_config_test.go +++ b/config/env_config_test.go @@ -1,6 +1,7 @@ package config import ( + "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" "os" "reflect" "strconv" @@ -508,6 +509,22 @@ func TestNewEnvConfig(t *testing.T) { }, WantErr: true, }, + 46: { + Env: map[string]string{ + "AWS_ACCOUNT_ID_ENDPOINT_MODE": "required", + }, + Config: EnvConfig{ + AccountIDEndpointMode: mode.Required, + }, + WantErr: false, + }, + 47: { + Env: map[string]string{ + "AWS_ACCOUNT_ID_ENDPOINT_MODE": "blabla", + }, + Config: EnvConfig{}, + WantErr: true, + }, } for i, c := range cases { diff --git a/config/load_options.go b/config/load_options.go index 06596c1b7c8..50bd8428342 100644 --- a/config/load_options.go +++ b/config/load_options.go @@ -5,6 +5,7 @@ import ( "io" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" "github.com/aws/aws-sdk-go-v2/credentials/ec2rolecreds" "github.com/aws/aws-sdk-go-v2/credentials/endpointcreds" "github.com/aws/aws-sdk-go-v2/credentials/processcreds" @@ -215,6 +216,8 @@ type LoadOptions struct { // Whether S3 Express auth is disabled. S3DisableExpressAuth *bool + + AccountIDEndpointMode mode.AIDMode } func (o LoadOptions) getDefaultsMode(ctx context.Context) (aws.DefaultsMode, bool, error) { @@ -278,6 +281,10 @@ func (o LoadOptions) getRequestMinCompressSizeBytes(ctx context.Context) (int64, return *o.RequestMinCompressSizeBytes, true, nil } +func (o LoadOptions) getAccountIDEndpointMode(ctx context.Context) (mode.AIDMode, bool, error) { + return o.AccountIDEndpointMode, len(o.AccountIDEndpointMode) > 0, nil +} + // WithRegion is a helper function to construct functional options // that sets Region on config's LoadOptions. Setting the region to // an empty string, will result in the region value being ignored. @@ -323,6 +330,17 @@ func WithRequestMinCompressSizeBytes(RequestMinCompressSizeBytes *int64) LoadOpt } } +// WithAccountIDEndpointMode is a helper function to construct functional options +// that sets AccountIDEndpointMode on config's LoadOptions +func WithAccountIDEndpointMode(m mode.AIDMode) LoadOptionsFunc { + return func(o *LoadOptions) error { + if m != "" { + o.AccountIDEndpointMode = m + } + return nil + } +} + // getDefaultRegion returns DefaultRegion from config's LoadOptions func (o LoadOptions) getDefaultRegion(ctx context.Context) (string, bool, error) { if len(o.DefaultRegion) == 0 { diff --git a/config/provider.go b/config/provider.go index 13745fc98fd..1098f4aab46 100644 --- a/config/provider.go +++ b/config/provider.go @@ -2,6 +2,7 @@ package config import ( "context" + "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" "io" "net/http" @@ -225,6 +226,23 @@ func getRequestMinCompressSizeBytes(ctx context.Context, configs configs) (value return } +// accountIDEndpointModeProvider provides access to the AccountIDEndpointMode +type accountIDEndpointModeProvider interface { + getAccountIDEndpointMode(context.Context) (mode.AIDMode, bool, error) +} + +func getAccountIDEndpointMode(ctx context.Context, configs configs) (value mode.AIDMode, found bool, err error) { + for _, cfg := range configs { + if p, ok := cfg.(accountIDEndpointModeProvider); ok { + value, found, err = p.getAccountIDEndpointMode(ctx) + if err != nil || found { + break + } + } + } + return +} + // ec2IMDSRegionProvider provides access to the ec2 imds region // configuration value type ec2IMDSRegionProvider interface { diff --git a/config/resolve.go b/config/resolve.go index fde2e3980e0..6113e6181a4 100644 --- a/config/resolve.go +++ b/config/resolve.go @@ -5,6 +5,7 @@ import ( "crypto/tls" "crypto/x509" "fmt" + "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" "io/ioutil" "net/http" "os" @@ -166,6 +167,22 @@ func resolveRequestMinCompressSizeBytes(ctx context.Context, cfg *aws.Config, co return nil } +// resolveAccountIDEndpointMode extracts the AccountIDEndpointMode from the configs slice's +// SharedConfig or EnvConfig +func resolveAccountIDEndpointMode(ctx context.Context, cfg *aws.Config, configs configs) error { + m, found, err := getAccountIDEndpointMode(ctx, configs) + if err != nil { + return err + } + + if !found { + m = mode.Preferred + } + + cfg.AccountIDEndpointMode = m + return nil +} + // resolveDefaultRegion extracts the first instance of a default region and sets `aws.Config.Region` to the default // region if region had not been resolved from other sources. func resolveDefaultRegion(ctx context.Context, cfg *aws.Config, configs configs) error { diff --git a/config/resolve_test.go b/config/resolve_test.go index 1b33004379c..a3485f3b57a 100644 --- a/config/resolve_test.go +++ b/config/resolve_test.go @@ -4,6 +4,7 @@ import ( "bytes" "context" "encoding/json" + "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" "io/ioutil" "net/http" "net/http/httptest" @@ -230,6 +231,46 @@ func TestResolveDisableRequestCompression(t *testing.T) { } } +func TestResolveAccountIDEndpointMode(t *testing.T) { + cases := map[string]struct { + AccountIDEndpointMode mode.AIDMode + ExpectMode mode.AIDMode + }{ + "accountID required for endpoint routing": { + AccountIDEndpointMode: mode.Required, + ExpectMode: mode.Required, + }, + "accountID unset": { + ExpectMode: mode.Preferred, + }, + } + + for name, c := range cases { + t.Run(name, func(t *testing.T) { + var options LoadOptions + optFns := []func(options *LoadOptions) error{ + WithAccountIDEndpointMode(c.AccountIDEndpointMode), + } + + for _, optFn := range optFns { + optFn(&options) + } + + configs := configs{options} + + var cfg aws.Config + + if err := resolveAccountIDEndpointMode(context.Background(), &cfg, configs); err != nil { + t.Fatalf("expect no error, got %v", err) + } + + if e, a := c.ExpectMode, cfg.AccountIDEndpointMode; e != a { + t.Errorf("expect AccountIDEndpointMode to be %v , got %v", e, a) + } + }) + } +} + func TestResolveCredentialsProvider(t *testing.T) { var options LoadOptions optFns := []func(options *LoadOptions) error{ diff --git a/config/shared_config.go b/config/shared_config.go index 3d8d1775e07..08ba4c885c2 100644 --- a/config/shared_config.go +++ b/config/shared_config.go @@ -5,6 +5,7 @@ import ( "context" "errors" "fmt" + "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" "io" "io/ioutil" "os" @@ -116,7 +117,8 @@ const ( s3DisableExpressSessionAuthKey = "s3_disable_express_session_auth" - accountIDKey = "aws_account_id" + accountIDKey = "aws_account_id" + accountIDEndpointMode = "account_id_endpoint_mode" ) // defaultSharedConfigProfile allows for swapping the default profile for testing @@ -343,6 +345,8 @@ type SharedConfig struct { // will only bypass the modified endpoint routing and signing behaviors // associated with the feature. S3DisableExpressAuth *bool + + AccountIDEndpointMode mode.AIDMode } func (c SharedConfig) getDefaultsMode(ctx context.Context) (value aws.DefaultsMode, ok bool, err error) { @@ -1126,6 +1130,10 @@ func (c *SharedConfig) setFromIniSection(profile string, section ini.Section) er return fmt.Errorf("failed to load %s from shared config, %w", requestMinCompressionSizeBytes, err) } + if err := updateAIDEndpointMode(&c.AccountIDEndpointMode, section, accountIDEndpointMode); err != nil { + return fmt.Errorf("failed to load %s from shared config, %w", accountIDEndpointMode, err) + } + // Shared Credentials creds := aws.Credentials{ AccessKeyID: section.String(accessKeyIDKey), @@ -1180,6 +1188,19 @@ func updateDisableRequestCompression(disable **bool, sec ini.Section, key string return nil } +func updateAIDEndpointMode(m *mode.AIDMode, sec ini.Section, key string) error { + if !sec.Has(key) { + return nil + } + + v := sec.String(key) + if err := m.SetFromString(v); err != nil { + return fmt.Errorf("invalid value: %s, %q", v, err) + } + + return nil +} + func (c SharedConfig) getRequestMinCompressSizeBytes(ctx context.Context) (int64, bool, error) { if c.RequestMinCompressSizeBytes == nil { return 0, false, nil @@ -1194,6 +1215,10 @@ func (c SharedConfig) getDisableRequestCompression(ctx context.Context) (bool, b return *c.DisableRequestCompression, true, nil } +func (c SharedConfig) getAccountIDEndpointMode(ctx context.Context) (mode.AIDMode, bool, error) { + return c.AccountIDEndpointMode, len(c.AccountIDEndpointMode) > 0, nil +} + func updateDefaultsMode(mode *aws.DefaultsMode, section ini.Section, key string) error { if !section.Has(key) { return nil diff --git a/config/shared_config_test.go b/config/shared_config_test.go index 07881bf7c73..82f99f37fc7 100644 --- a/config/shared_config_test.go +++ b/config/shared_config_test.go @@ -4,6 +4,7 @@ import ( "bytes" "context" "fmt" + "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" "path/filepath" "reflect" "strconv" @@ -743,6 +744,22 @@ func TestNewSharedConfig(t *testing.T) { }, }, }, + "profile with account ID endpoint mode": { + ConfigFilenames: []string{testConfigFilename}, + Profile: "account_id_endpoint_mode", + Expected: SharedConfig{ + Profile: "account_id_endpoint_mode", + AccountIDEndpointMode: mode.Disabled, + }, + }, + "profile with invalid account ID endpoint mode": { + ConfigFilenames: []string{testConfigFilename}, + Profile: "account_id_endpoint_mode_error", + Expected: SharedConfig{ + Profile: "account_id_endpoint_mode_error", + }, + Err: fmt.Errorf("unknown account id mode, must be preferred/required/disabled"), + }, } for name, c := range cases { diff --git a/config/testdata/shared_config b/config/testdata/shared_config index 6d765890514..b2cbc81873b 100644 --- a/config/testdata/shared_config +++ b/config/testdata/shared_config @@ -322,3 +322,9 @@ ec2 = aws_access_key_id = account_id_akid aws_secret_access_key = account_id_secret aws_account_id = 012345678901 + +[profile account_id_endpoint_mode] +account_id_endpoint_mode = disabled + +[profile account_id_endpoint_mode_error] +account_id_endpoint_mode = blabla diff --git a/internal/protocoltest/awsrestjson/api_client.go b/internal/protocoltest/awsrestjson/api_client.go index f39aaad726d..60d47cc05d0 100644 --- a/internal/protocoltest/awsrestjson/api_client.go +++ b/internal/protocoltest/awsrestjson/api_client.go @@ -229,6 +229,7 @@ func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { AppID: cfg.AppID, DisableRequestCompression: cfg.DisableRequestCompression, RequestMinCompressSizeBytes: cfg.RequestMinCompressSizeBytes, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/internal/protocoltest/awsrestjson/auth.go b/internal/protocoltest/awsrestjson/auth.go index 5564edd67f6..8cd6466de59 100644 --- a/internal/protocoltest/awsrestjson/auth.go +++ b/internal/protocoltest/awsrestjson/auth.go @@ -83,7 +83,7 @@ type AuthResolverParameters struct { Operation string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } @@ -128,7 +128,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/internal/protocoltest/awsrestjson/options.go b/internal/protocoltest/awsrestjson/options.go index bd2bd6a9f84..4888d840c06 100644 --- a/internal/protocoltest/awsrestjson/options.go +++ b/internal/protocoltest/awsrestjson/options.go @@ -4,6 +4,7 @@ package awsrestjson import ( "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" smithyauth "github.com/aws/smithy-go/auth" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -21,6 +22,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/internal/protocoltest/ec2query/api_client.go b/internal/protocoltest/ec2query/api_client.go index 3891cf31616..fdf1e5b0dbd 100644 --- a/internal/protocoltest/ec2query/api_client.go +++ b/internal/protocoltest/ec2query/api_client.go @@ -229,6 +229,7 @@ func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { AppID: cfg.AppID, DisableRequestCompression: cfg.DisableRequestCompression, RequestMinCompressSizeBytes: cfg.RequestMinCompressSizeBytes, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/internal/protocoltest/ec2query/auth.go b/internal/protocoltest/ec2query/auth.go index 3d784083847..bfb186c7784 100644 --- a/internal/protocoltest/ec2query/auth.go +++ b/internal/protocoltest/ec2query/auth.go @@ -83,7 +83,7 @@ type AuthResolverParameters struct { Operation string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } @@ -128,7 +128,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/internal/protocoltest/ec2query/options.go b/internal/protocoltest/ec2query/options.go index d8e99b30bb7..19f5a3024cc 100644 --- a/internal/protocoltest/ec2query/options.go +++ b/internal/protocoltest/ec2query/options.go @@ -4,6 +4,7 @@ package ec2query import ( "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" smithyauth "github.com/aws/smithy-go/auth" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -21,6 +22,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/internal/protocoltest/jsonrpc/api_client.go b/internal/protocoltest/jsonrpc/api_client.go index ff4a333d31d..f1639103877 100644 --- a/internal/protocoltest/jsonrpc/api_client.go +++ b/internal/protocoltest/jsonrpc/api_client.go @@ -241,6 +241,7 @@ func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { AppID: cfg.AppID, DisableRequestCompression: cfg.DisableRequestCompression, RequestMinCompressSizeBytes: cfg.RequestMinCompressSizeBytes, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/internal/protocoltest/jsonrpc/auth.go b/internal/protocoltest/jsonrpc/auth.go index b5ccf33dfc6..c6f742411b4 100644 --- a/internal/protocoltest/jsonrpc/auth.go +++ b/internal/protocoltest/jsonrpc/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/internal/protocoltest/jsonrpc/options.go b/internal/protocoltest/jsonrpc/options.go index 9630316047b..f5d05d9593a 100644 --- a/internal/protocoltest/jsonrpc/options.go +++ b/internal/protocoltest/jsonrpc/options.go @@ -5,6 +5,7 @@ package jsonrpc import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/internal/protocoltest/jsonrpc10/api_client.go b/internal/protocoltest/jsonrpc10/api_client.go index 99dcc289328..076802e155f 100644 --- a/internal/protocoltest/jsonrpc10/api_client.go +++ b/internal/protocoltest/jsonrpc10/api_client.go @@ -225,6 +225,7 @@ func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { AppID: cfg.AppID, DisableRequestCompression: cfg.DisableRequestCompression, RequestMinCompressSizeBytes: cfg.RequestMinCompressSizeBytes, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/internal/protocoltest/jsonrpc10/auth.go b/internal/protocoltest/jsonrpc10/auth.go index 463ee3e7df5..ac45cbb5954 100644 --- a/internal/protocoltest/jsonrpc10/auth.go +++ b/internal/protocoltest/jsonrpc10/auth.go @@ -83,7 +83,7 @@ type AuthResolverParameters struct { Operation string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } @@ -128,7 +128,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/internal/protocoltest/jsonrpc10/options.go b/internal/protocoltest/jsonrpc10/options.go index cefe9ff7d38..db57e9edb1c 100644 --- a/internal/protocoltest/jsonrpc10/options.go +++ b/internal/protocoltest/jsonrpc10/options.go @@ -4,6 +4,7 @@ package jsonrpc10 import ( "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" smithyauth "github.com/aws/smithy-go/auth" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -21,6 +22,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/internal/protocoltest/query/api_client.go b/internal/protocoltest/query/api_client.go index 64a2d3e118a..f094b7d1e32 100644 --- a/internal/protocoltest/query/api_client.go +++ b/internal/protocoltest/query/api_client.go @@ -229,6 +229,7 @@ func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { AppID: cfg.AppID, DisableRequestCompression: cfg.DisableRequestCompression, RequestMinCompressSizeBytes: cfg.RequestMinCompressSizeBytes, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/internal/protocoltest/query/auth.go b/internal/protocoltest/query/auth.go index e6417c9b6ca..e1f358394df 100644 --- a/internal/protocoltest/query/auth.go +++ b/internal/protocoltest/query/auth.go @@ -83,7 +83,7 @@ type AuthResolverParameters struct { Operation string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } @@ -128,7 +128,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/internal/protocoltest/query/options.go b/internal/protocoltest/query/options.go index 61469fff7a7..e5cf58834ed 100644 --- a/internal/protocoltest/query/options.go +++ b/internal/protocoltest/query/options.go @@ -4,6 +4,7 @@ package query import ( "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" smithyauth "github.com/aws/smithy-go/auth" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -21,6 +22,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/internal/protocoltest/restxml/api_client.go b/internal/protocoltest/restxml/api_client.go index fc4c369fb43..eabaa072fae 100644 --- a/internal/protocoltest/restxml/api_client.go +++ b/internal/protocoltest/restxml/api_client.go @@ -229,6 +229,7 @@ func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { AppID: cfg.AppID, DisableRequestCompression: cfg.DisableRequestCompression, RequestMinCompressSizeBytes: cfg.RequestMinCompressSizeBytes, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/internal/protocoltest/restxml/auth.go b/internal/protocoltest/restxml/auth.go index 279fa13ea46..b9817d2bf83 100644 --- a/internal/protocoltest/restxml/auth.go +++ b/internal/protocoltest/restxml/auth.go @@ -83,7 +83,7 @@ type AuthResolverParameters struct { Operation string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } @@ -128,7 +128,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/internal/protocoltest/restxml/options.go b/internal/protocoltest/restxml/options.go index e5c0a3daa4d..b1d753c95a2 100644 --- a/internal/protocoltest/restxml/options.go +++ b/internal/protocoltest/restxml/options.go @@ -4,6 +4,7 @@ package restxml import ( "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" smithyauth "github.com/aws/smithy-go/auth" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -21,6 +22,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/internal/protocoltest/restxmlwithnamespace/api_client.go b/internal/protocoltest/restxmlwithnamespace/api_client.go index f7f813d4425..853562924b9 100644 --- a/internal/protocoltest/restxmlwithnamespace/api_client.go +++ b/internal/protocoltest/restxmlwithnamespace/api_client.go @@ -215,14 +215,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/internal/protocoltest/restxmlwithnamespace/auth.go b/internal/protocoltest/restxmlwithnamespace/auth.go index 8128ce90d17..1b7134edeb1 100644 --- a/internal/protocoltest/restxmlwithnamespace/auth.go +++ b/internal/protocoltest/restxmlwithnamespace/auth.go @@ -83,7 +83,7 @@ type AuthResolverParameters struct { Operation string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } @@ -128,7 +128,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/internal/protocoltest/restxmlwithnamespace/options.go b/internal/protocoltest/restxmlwithnamespace/options.go index 0317b3c75c3..575a0b8f5e3 100644 --- a/internal/protocoltest/restxmlwithnamespace/options.go +++ b/internal/protocoltest/restxmlwithnamespace/options.go @@ -4,6 +4,7 @@ package restxmlwithnamespace import ( "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" smithyauth "github.com/aws/smithy-go/auth" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -21,6 +22,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/accessanalyzer/api_client.go b/service/accessanalyzer/api_client.go index 87752cca15f..4a9c29dc185 100644 --- a/service/accessanalyzer/api_client.go +++ b/service/accessanalyzer/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/accessanalyzer/auth.go b/service/accessanalyzer/auth.go index dc7e2e64c13..f3fb5ad689f 100644 --- a/service/accessanalyzer/auth.go +++ b/service/accessanalyzer/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/accessanalyzer/endpoints.go b/service/accessanalyzer/endpoints.go index a9c6242d84f..610649f0707 100644 --- a/service/accessanalyzer/endpoints.go +++ b/service/accessanalyzer/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -458,7 +459,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -487,6 +488,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/accessanalyzer/options.go b/service/accessanalyzer/options.go index ca4b79fb918..5e67cb87f7b 100644 --- a/service/accessanalyzer/options.go +++ b/service/accessanalyzer/options.go @@ -5,6 +5,7 @@ package accessanalyzer import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/account/api_client.go b/service/account/api_client.go index c6a89552b28..e043b3f2a53 100644 --- a/service/account/api_client.go +++ b/service/account/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/account/auth.go b/service/account/auth.go index eff6c3b0bd8..dd31fcc8c14 100644 --- a/service/account/auth.go +++ b/service/account/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/account/endpoints.go b/service/account/endpoints.go index ce40b437d69..ea7328dd9ee 100644 --- a/service/account/endpoints.go +++ b/service/account/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -508,7 +509,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -537,6 +538,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -547,7 +551,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/account/options.go b/service/account/options.go index b346281233b..e65adf1c843 100644 --- a/service/account/options.go +++ b/service/account/options.go @@ -5,6 +5,7 @@ package account import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/acm/api_client.go b/service/acm/api_client.go index 809d8f6c04d..664aa2d443b 100644 --- a/service/acm/api_client.go +++ b/service/acm/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/acm/auth.go b/service/acm/auth.go index d835fd61fad..403868c1d8a 100644 --- a/service/acm/auth.go +++ b/service/acm/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/acm/endpoints.go b/service/acm/endpoints.go index 99e9012a1c1..c7fa15b68e3 100644 --- a/service/acm/endpoints.go +++ b/service/acm/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -458,7 +459,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -487,6 +488,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/acm/options.go b/service/acm/options.go index 77edd733ce1..09d25127f96 100644 --- a/service/acm/options.go +++ b/service/acm/options.go @@ -5,6 +5,7 @@ package acm import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/acmpca/api_client.go b/service/acmpca/api_client.go index 9bf06d8be05..1b4a5601560 100644 --- a/service/acmpca/api_client.go +++ b/service/acmpca/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/acmpca/auth.go b/service/acmpca/auth.go index 69b02aca23d..7f6a694417c 100644 --- a/service/acmpca/auth.go +++ b/service/acmpca/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/acmpca/endpoints.go b/service/acmpca/endpoints.go index c7c9ca209d5..29b2313284e 100644 --- a/service/acmpca/endpoints.go +++ b/service/acmpca/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -458,7 +459,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -487,6 +488,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/acmpca/options.go b/service/acmpca/options.go index 8ac2813ff96..2d99de64512 100644 --- a/service/acmpca/options.go +++ b/service/acmpca/options.go @@ -5,6 +5,7 @@ package acmpca import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/alexaforbusiness/api_client.go b/service/alexaforbusiness/api_client.go index c0959168693..962e464dca5 100644 --- a/service/alexaforbusiness/api_client.go +++ b/service/alexaforbusiness/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/alexaforbusiness/auth.go b/service/alexaforbusiness/auth.go index dc24f714049..b453545b525 100644 --- a/service/alexaforbusiness/auth.go +++ b/service/alexaforbusiness/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/alexaforbusiness/endpoints.go b/service/alexaforbusiness/endpoints.go index 33eeaaff954..b484045bc8d 100644 --- a/service/alexaforbusiness/endpoints.go +++ b/service/alexaforbusiness/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/alexaforbusiness/options.go b/service/alexaforbusiness/options.go index 5d9b44d937b..df18f270f54 100644 --- a/service/alexaforbusiness/options.go +++ b/service/alexaforbusiness/options.go @@ -5,6 +5,7 @@ package alexaforbusiness import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/amp/api_client.go b/service/amp/api_client.go index 96a64cf9f3b..660398434e1 100644 --- a/service/amp/api_client.go +++ b/service/amp/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/amp/auth.go b/service/amp/auth.go index 8e90d81a4bd..8e17d4436ad 100644 --- a/service/amp/auth.go +++ b/service/amp/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/amp/endpoints.go b/service/amp/endpoints.go index 8d80154d1f3..ac5734123a3 100644 --- a/service/amp/endpoints.go +++ b/service/amp/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/amp/options.go b/service/amp/options.go index 829dbabaa8f..78805d53d0c 100644 --- a/service/amp/options.go +++ b/service/amp/options.go @@ -5,6 +5,7 @@ package amp import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/amplify/api_client.go b/service/amplify/api_client.go index 73e329e4a84..2953869c7fd 100644 --- a/service/amplify/api_client.go +++ b/service/amplify/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/amplify/auth.go b/service/amplify/auth.go index fab9ad320e9..5636338c457 100644 --- a/service/amplify/auth.go +++ b/service/amplify/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/amplify/endpoints.go b/service/amplify/endpoints.go index b707379f4cb..3ba17a56d1f 100644 --- a/service/amplify/endpoints.go +++ b/service/amplify/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/amplify/options.go b/service/amplify/options.go index 3a64da839b1..c719e28e281 100644 --- a/service/amplify/options.go +++ b/service/amplify/options.go @@ -5,6 +5,7 @@ package amplify import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/amplifybackend/api_client.go b/service/amplifybackend/api_client.go index 47f64ea77b6..b7a6869b355 100644 --- a/service/amplifybackend/api_client.go +++ b/service/amplifybackend/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/amplifybackend/auth.go b/service/amplifybackend/auth.go index 88e12264988..7f9ecc16f39 100644 --- a/service/amplifybackend/auth.go +++ b/service/amplifybackend/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/amplifybackend/endpoints.go b/service/amplifybackend/endpoints.go index 48c29f8dddb..0eb19899e5a 100644 --- a/service/amplifybackend/endpoints.go +++ b/service/amplifybackend/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/amplifybackend/options.go b/service/amplifybackend/options.go index 0dac28bfee7..9b63e113ed8 100644 --- a/service/amplifybackend/options.go +++ b/service/amplifybackend/options.go @@ -5,6 +5,7 @@ package amplifybackend import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/amplifyuibuilder/api_client.go b/service/amplifyuibuilder/api_client.go index 8c8b73ba9a9..93bf403f266 100644 --- a/service/amplifyuibuilder/api_client.go +++ b/service/amplifyuibuilder/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/amplifyuibuilder/auth.go b/service/amplifyuibuilder/auth.go index 213f2652aa1..399fb66caaa 100644 --- a/service/amplifyuibuilder/auth.go +++ b/service/amplifyuibuilder/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/amplifyuibuilder/endpoints.go b/service/amplifyuibuilder/endpoints.go index bbb43b081cf..4bd35af5f4c 100644 --- a/service/amplifyuibuilder/endpoints.go +++ b/service/amplifyuibuilder/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/amplifyuibuilder/options.go b/service/amplifyuibuilder/options.go index bdbd6f5f287..a019dab88d4 100644 --- a/service/amplifyuibuilder/options.go +++ b/service/amplifyuibuilder/options.go @@ -5,6 +5,7 @@ package amplifyuibuilder import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/apigateway/api_client.go b/service/apigateway/api_client.go index 347be8c229e..4f324c836ce 100644 --- a/service/apigateway/api_client.go +++ b/service/apigateway/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/apigateway/auth.go b/service/apigateway/auth.go index 2ff757469f6..2d4f1e75bfc 100644 --- a/service/apigateway/auth.go +++ b/service/apigateway/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/apigateway/endpoints.go b/service/apigateway/endpoints.go index 67e8f9896f7..e82d51a6c75 100644 --- a/service/apigateway/endpoints.go +++ b/service/apigateway/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/apigateway/options.go b/service/apigateway/options.go index 2eeaf81d95a..eedbec4f726 100644 --- a/service/apigateway/options.go +++ b/service/apigateway/options.go @@ -5,6 +5,7 @@ package apigateway import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/apigatewaymanagementapi/api_client.go b/service/apigatewaymanagementapi/api_client.go index d003244c276..157398cdbbe 100644 --- a/service/apigatewaymanagementapi/api_client.go +++ b/service/apigatewaymanagementapi/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/apigatewaymanagementapi/auth.go b/service/apigatewaymanagementapi/auth.go index 51cf731ac1b..490143aae47 100644 --- a/service/apigatewaymanagementapi/auth.go +++ b/service/apigatewaymanagementapi/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/apigatewaymanagementapi/endpoints.go b/service/apigatewaymanagementapi/endpoints.go index 7a91885a5d2..fc47ef0fcd4 100644 --- a/service/apigatewaymanagementapi/endpoints.go +++ b/service/apigatewaymanagementapi/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/apigatewaymanagementapi/options.go b/service/apigatewaymanagementapi/options.go index f4d53167a7b..da866441feb 100644 --- a/service/apigatewaymanagementapi/options.go +++ b/service/apigatewaymanagementapi/options.go @@ -5,6 +5,7 @@ package apigatewaymanagementapi import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/apigatewayv2/api_client.go b/service/apigatewayv2/api_client.go index 2e5b34201a9..45e23f10216 100644 --- a/service/apigatewayv2/api_client.go +++ b/service/apigatewayv2/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/apigatewayv2/auth.go b/service/apigatewayv2/auth.go index 366e1d62487..0a11e072958 100644 --- a/service/apigatewayv2/auth.go +++ b/service/apigatewayv2/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/apigatewayv2/endpoints.go b/service/apigatewayv2/endpoints.go index 634042b6fe0..97d5f1b9e83 100644 --- a/service/apigatewayv2/endpoints.go +++ b/service/apigatewayv2/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/apigatewayv2/options.go b/service/apigatewayv2/options.go index 2d335fa1572..74cd1165e77 100644 --- a/service/apigatewayv2/options.go +++ b/service/apigatewayv2/options.go @@ -5,6 +5,7 @@ package apigatewayv2 import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/appconfig/api_client.go b/service/appconfig/api_client.go index fb123744c1c..d7368f59b6a 100644 --- a/service/appconfig/api_client.go +++ b/service/appconfig/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/appconfig/auth.go b/service/appconfig/auth.go index 399b2a3e472..fae21493116 100644 --- a/service/appconfig/auth.go +++ b/service/appconfig/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/appconfig/endpoints.go b/service/appconfig/endpoints.go index bf4df93224d..92d955eecef 100644 --- a/service/appconfig/endpoints.go +++ b/service/appconfig/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -465,7 +466,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -494,6 +495,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -504,7 +508,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/appconfig/options.go b/service/appconfig/options.go index a9c45e0c8bb..a9304532fe4 100644 --- a/service/appconfig/options.go +++ b/service/appconfig/options.go @@ -5,6 +5,7 @@ package appconfig import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/appconfigdata/api_client.go b/service/appconfigdata/api_client.go index ada9497da13..848af7c4911 100644 --- a/service/appconfigdata/api_client.go +++ b/service/appconfigdata/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/appconfigdata/auth.go b/service/appconfigdata/auth.go index c611bb300a3..55738ab3059 100644 --- a/service/appconfigdata/auth.go +++ b/service/appconfigdata/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/appconfigdata/endpoints.go b/service/appconfigdata/endpoints.go index fe078a297a5..e9987357011 100644 --- a/service/appconfigdata/endpoints.go +++ b/service/appconfigdata/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/appconfigdata/options.go b/service/appconfigdata/options.go index fb71991d3ed..e33171e7900 100644 --- a/service/appconfigdata/options.go +++ b/service/appconfigdata/options.go @@ -5,6 +5,7 @@ package appconfigdata import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/appfabric/api_client.go b/service/appfabric/api_client.go index 84f4704dc85..25ce77ff857 100644 --- a/service/appfabric/api_client.go +++ b/service/appfabric/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/appfabric/auth.go b/service/appfabric/auth.go index 892b57015b3..9b672ce044a 100644 --- a/service/appfabric/auth.go +++ b/service/appfabric/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/appfabric/endpoints.go b/service/appfabric/endpoints.go index 2750868e999..b25207c7531 100644 --- a/service/appfabric/endpoints.go +++ b/service/appfabric/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/appfabric/options.go b/service/appfabric/options.go index c157deda065..baa5727ac7b 100644 --- a/service/appfabric/options.go +++ b/service/appfabric/options.go @@ -5,6 +5,7 @@ package appfabric import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/appflow/api_client.go b/service/appflow/api_client.go index d6a35f4133a..9d6903ce148 100644 --- a/service/appflow/api_client.go +++ b/service/appflow/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/appflow/auth.go b/service/appflow/auth.go index e8bdec2c46d..d7d2408179f 100644 --- a/service/appflow/auth.go +++ b/service/appflow/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/appflow/endpoints.go b/service/appflow/endpoints.go index 4b1aca0ed61..fac4fb81ed0 100644 --- a/service/appflow/endpoints.go +++ b/service/appflow/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/appflow/options.go b/service/appflow/options.go index 9949552f60c..02fa79fc2cc 100644 --- a/service/appflow/options.go +++ b/service/appflow/options.go @@ -5,6 +5,7 @@ package appflow import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/appintegrations/api_client.go b/service/appintegrations/api_client.go index e67c782ca9f..f8b2cc6c5f5 100644 --- a/service/appintegrations/api_client.go +++ b/service/appintegrations/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/appintegrations/auth.go b/service/appintegrations/auth.go index bbcc9d43195..4f52dff846b 100644 --- a/service/appintegrations/auth.go +++ b/service/appintegrations/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/appintegrations/endpoints.go b/service/appintegrations/endpoints.go index fe26519945b..97a002d39bc 100644 --- a/service/appintegrations/endpoints.go +++ b/service/appintegrations/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/appintegrations/options.go b/service/appintegrations/options.go index 1987a53d2ee..8d1eff4de2e 100644 --- a/service/appintegrations/options.go +++ b/service/appintegrations/options.go @@ -5,6 +5,7 @@ package appintegrations import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/applicationautoscaling/api_client.go b/service/applicationautoscaling/api_client.go index c2b1fdfb2cc..7d6acdbfc5e 100644 --- a/service/applicationautoscaling/api_client.go +++ b/service/applicationautoscaling/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/applicationautoscaling/auth.go b/service/applicationautoscaling/auth.go index 0d831c03ced..998b5852679 100644 --- a/service/applicationautoscaling/auth.go +++ b/service/applicationautoscaling/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/applicationautoscaling/endpoints.go b/service/applicationautoscaling/endpoints.go index 0feb569e49c..b9a932caf98 100644 --- a/service/applicationautoscaling/endpoints.go +++ b/service/applicationautoscaling/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -458,7 +459,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -487,6 +488,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/applicationautoscaling/options.go b/service/applicationautoscaling/options.go index f60a2d67a83..d5c2a924426 100644 --- a/service/applicationautoscaling/options.go +++ b/service/applicationautoscaling/options.go @@ -5,6 +5,7 @@ package applicationautoscaling import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/applicationcostprofiler/api_client.go b/service/applicationcostprofiler/api_client.go index 1edbca985c9..107625557c0 100644 --- a/service/applicationcostprofiler/api_client.go +++ b/service/applicationcostprofiler/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/applicationcostprofiler/auth.go b/service/applicationcostprofiler/auth.go index 3b5bd5100d3..612c201fa7f 100644 --- a/service/applicationcostprofiler/auth.go +++ b/service/applicationcostprofiler/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/applicationcostprofiler/endpoints.go b/service/applicationcostprofiler/endpoints.go index 4855f85d287..9bd7a90aacd 100644 --- a/service/applicationcostprofiler/endpoints.go +++ b/service/applicationcostprofiler/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/applicationcostprofiler/options.go b/service/applicationcostprofiler/options.go index 1a5293d2d67..fe1efa30f72 100644 --- a/service/applicationcostprofiler/options.go +++ b/service/applicationcostprofiler/options.go @@ -5,6 +5,7 @@ package applicationcostprofiler import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/applicationdiscoveryservice/api_client.go b/service/applicationdiscoveryservice/api_client.go index 6f55246bdfa..ff0d1253b66 100644 --- a/service/applicationdiscoveryservice/api_client.go +++ b/service/applicationdiscoveryservice/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/applicationdiscoveryservice/auth.go b/service/applicationdiscoveryservice/auth.go index 4510690c411..1a808ada220 100644 --- a/service/applicationdiscoveryservice/auth.go +++ b/service/applicationdiscoveryservice/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/applicationdiscoveryservice/endpoints.go b/service/applicationdiscoveryservice/endpoints.go index ac4cf62de3c..17a456fc86e 100644 --- a/service/applicationdiscoveryservice/endpoints.go +++ b/service/applicationdiscoveryservice/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/applicationdiscoveryservice/options.go b/service/applicationdiscoveryservice/options.go index 33bc3e728aa..9b05130fcf9 100644 --- a/service/applicationdiscoveryservice/options.go +++ b/service/applicationdiscoveryservice/options.go @@ -5,6 +5,7 @@ package applicationdiscoveryservice import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/applicationinsights/api_client.go b/service/applicationinsights/api_client.go index 39b2102bd1e..f4ba1f9229a 100644 --- a/service/applicationinsights/api_client.go +++ b/service/applicationinsights/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/applicationinsights/auth.go b/service/applicationinsights/auth.go index a440b044c34..1d78ba3c2d3 100644 --- a/service/applicationinsights/auth.go +++ b/service/applicationinsights/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/applicationinsights/endpoints.go b/service/applicationinsights/endpoints.go index a06cec1dff3..bea03bc49c8 100644 --- a/service/applicationinsights/endpoints.go +++ b/service/applicationinsights/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/applicationinsights/options.go b/service/applicationinsights/options.go index 0104b50bbfd..e6e11569d25 100644 --- a/service/applicationinsights/options.go +++ b/service/applicationinsights/options.go @@ -5,6 +5,7 @@ package applicationinsights import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/appmesh/api_client.go b/service/appmesh/api_client.go index 252002f46c9..60794c27b25 100644 --- a/service/appmesh/api_client.go +++ b/service/appmesh/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/appmesh/auth.go b/service/appmesh/auth.go index 2a4c86d891a..e51445fcf17 100644 --- a/service/appmesh/auth.go +++ b/service/appmesh/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/appmesh/endpoints.go b/service/appmesh/endpoints.go index 8ce49216bd5..7fcbe0e0873 100644 --- a/service/appmesh/endpoints.go +++ b/service/appmesh/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/appmesh/options.go b/service/appmesh/options.go index 1cab890736d..3682199b8dd 100644 --- a/service/appmesh/options.go +++ b/service/appmesh/options.go @@ -5,6 +5,7 @@ package appmesh import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/apprunner/api_client.go b/service/apprunner/api_client.go index 840180e120f..6fc2fa6c038 100644 --- a/service/apprunner/api_client.go +++ b/service/apprunner/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/apprunner/auth.go b/service/apprunner/auth.go index 331ea57342a..71b8ffab5b2 100644 --- a/service/apprunner/auth.go +++ b/service/apprunner/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/apprunner/endpoints.go b/service/apprunner/endpoints.go index 8480e1c52f6..6a3a4345c74 100644 --- a/service/apprunner/endpoints.go +++ b/service/apprunner/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/apprunner/options.go b/service/apprunner/options.go index dbab338d6df..71be70c977f 100644 --- a/service/apprunner/options.go +++ b/service/apprunner/options.go @@ -5,6 +5,7 @@ package apprunner import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/appstream/api_client.go b/service/appstream/api_client.go index b9a12d78d94..33ff87e55a7 100644 --- a/service/appstream/api_client.go +++ b/service/appstream/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/appstream/auth.go b/service/appstream/auth.go index b420016665e..ec31aec27a7 100644 --- a/service/appstream/auth.go +++ b/service/appstream/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/appstream/endpoints.go b/service/appstream/endpoints.go index 4f1a2fe1c1e..e7cfadd1bb7 100644 --- a/service/appstream/endpoints.go +++ b/service/appstream/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -477,7 +478,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -506,6 +507,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -516,7 +520,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/appstream/options.go b/service/appstream/options.go index 7e745094409..79d5a76b5ac 100644 --- a/service/appstream/options.go +++ b/service/appstream/options.go @@ -5,6 +5,7 @@ package appstream import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/appsync/api_client.go b/service/appsync/api_client.go index 3ce524e6908..f45a307e576 100644 --- a/service/appsync/api_client.go +++ b/service/appsync/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/appsync/auth.go b/service/appsync/auth.go index c5dd4955ae2..d9dafade6f0 100644 --- a/service/appsync/auth.go +++ b/service/appsync/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/appsync/endpoints.go b/service/appsync/endpoints.go index 5925615e678..2a5966e62e0 100644 --- a/service/appsync/endpoints.go +++ b/service/appsync/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/appsync/options.go b/service/appsync/options.go index 8f4505d8489..f81913586d9 100644 --- a/service/appsync/options.go +++ b/service/appsync/options.go @@ -5,6 +5,7 @@ package appsync import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/arczonalshift/api_client.go b/service/arczonalshift/api_client.go index 60330e886b0..4ad3b4be161 100644 --- a/service/arczonalshift/api_client.go +++ b/service/arczonalshift/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/arczonalshift/auth.go b/service/arczonalshift/auth.go index 8c947a047ec..0eb108790f2 100644 --- a/service/arczonalshift/auth.go +++ b/service/arczonalshift/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/arczonalshift/endpoints.go b/service/arczonalshift/endpoints.go index 5523a2834fc..e3e4b420c65 100644 --- a/service/arczonalshift/endpoints.go +++ b/service/arczonalshift/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/arczonalshift/options.go b/service/arczonalshift/options.go index 2f88c457456..c331ffb1f48 100644 --- a/service/arczonalshift/options.go +++ b/service/arczonalshift/options.go @@ -5,6 +5,7 @@ package arczonalshift import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/athena/api_client.go b/service/athena/api_client.go index 8e264e29fa1..1d787d7983b 100644 --- a/service/athena/api_client.go +++ b/service/athena/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/athena/auth.go b/service/athena/auth.go index a819f1195df..e111acee884 100644 --- a/service/athena/auth.go +++ b/service/athena/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/athena/endpoints.go b/service/athena/endpoints.go index 84f10fa8261..e5288e180da 100644 --- a/service/athena/endpoints.go +++ b/service/athena/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/athena/options.go b/service/athena/options.go index f3f1f5fa505..7fda1000f12 100644 --- a/service/athena/options.go +++ b/service/athena/options.go @@ -5,6 +5,7 @@ package athena import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/auditmanager/api_client.go b/service/auditmanager/api_client.go index ee103eaf266..b8466d0c6df 100644 --- a/service/auditmanager/api_client.go +++ b/service/auditmanager/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/auditmanager/auth.go b/service/auditmanager/auth.go index 7782307f945..761cd3aded3 100644 --- a/service/auditmanager/auth.go +++ b/service/auditmanager/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/auditmanager/endpoints.go b/service/auditmanager/endpoints.go index 337023a7638..c674a0a287f 100644 --- a/service/auditmanager/endpoints.go +++ b/service/auditmanager/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/auditmanager/options.go b/service/auditmanager/options.go index 2844f7ba499..2f8bee77830 100644 --- a/service/auditmanager/options.go +++ b/service/auditmanager/options.go @@ -5,6 +5,7 @@ package auditmanager import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/autoscaling/api_client.go b/service/autoscaling/api_client.go index ebffefb3f0f..000c2a05c1c 100644 --- a/service/autoscaling/api_client.go +++ b/service/autoscaling/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/autoscaling/auth.go b/service/autoscaling/auth.go index 4c2a3897ec4..5d1e7515a93 100644 --- a/service/autoscaling/auth.go +++ b/service/autoscaling/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/autoscaling/endpoints.go b/service/autoscaling/endpoints.go index 7e3e5287c7c..81d797221ff 100644 --- a/service/autoscaling/endpoints.go +++ b/service/autoscaling/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -458,7 +459,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -487,6 +488,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/autoscaling/options.go b/service/autoscaling/options.go index 9a183095a31..06f515755ee 100644 --- a/service/autoscaling/options.go +++ b/service/autoscaling/options.go @@ -5,6 +5,7 @@ package autoscaling import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/autoscalingplans/api_client.go b/service/autoscalingplans/api_client.go index 7512fcf7fda..8c284930dfd 100644 --- a/service/autoscalingplans/api_client.go +++ b/service/autoscalingplans/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/autoscalingplans/auth.go b/service/autoscalingplans/auth.go index 47bc2e5478d..68e91951e3e 100644 --- a/service/autoscalingplans/auth.go +++ b/service/autoscalingplans/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/autoscalingplans/endpoints.go b/service/autoscalingplans/endpoints.go index b72ee91e7e6..90100bd1f83 100644 --- a/service/autoscalingplans/endpoints.go +++ b/service/autoscalingplans/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/autoscalingplans/options.go b/service/autoscalingplans/options.go index 05f31b55b77..fd816984ef3 100644 --- a/service/autoscalingplans/options.go +++ b/service/autoscalingplans/options.go @@ -5,6 +5,7 @@ package autoscalingplans import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/b2bi/api_client.go b/service/b2bi/api_client.go index c7d6ad9a48b..8e0ea49348d 100644 --- a/service/b2bi/api_client.go +++ b/service/b2bi/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/b2bi/auth.go b/service/b2bi/auth.go index 621982d01b2..15700b05980 100644 --- a/service/b2bi/auth.go +++ b/service/b2bi/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/b2bi/endpoints.go b/service/b2bi/endpoints.go index 416a441eada..10be06c981a 100644 --- a/service/b2bi/endpoints.go +++ b/service/b2bi/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/b2bi/options.go b/service/b2bi/options.go index 83b7f186c3a..a90f6a3c8b3 100644 --- a/service/b2bi/options.go +++ b/service/b2bi/options.go @@ -5,6 +5,7 @@ package b2bi import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/backup/api_client.go b/service/backup/api_client.go index 1b8de15e813..2efb04bbfbe 100644 --- a/service/backup/api_client.go +++ b/service/backup/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/backup/auth.go b/service/backup/auth.go index a80946ab435..97d00f4ead2 100644 --- a/service/backup/auth.go +++ b/service/backup/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/backup/endpoints.go b/service/backup/endpoints.go index a56cb68ac5a..ef6db050b32 100644 --- a/service/backup/endpoints.go +++ b/service/backup/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/backup/options.go b/service/backup/options.go index b6d89e22e7b..33a88de0c55 100644 --- a/service/backup/options.go +++ b/service/backup/options.go @@ -5,6 +5,7 @@ package backup import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/backupgateway/api_client.go b/service/backupgateway/api_client.go index 9a72e44e110..c848b323666 100644 --- a/service/backupgateway/api_client.go +++ b/service/backupgateway/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/backupgateway/auth.go b/service/backupgateway/auth.go index d91472bc572..1bc1d95af5a 100644 --- a/service/backupgateway/auth.go +++ b/service/backupgateway/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/backupgateway/endpoints.go b/service/backupgateway/endpoints.go index d11d7b56a4b..6bae18e92d2 100644 --- a/service/backupgateway/endpoints.go +++ b/service/backupgateway/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/backupgateway/options.go b/service/backupgateway/options.go index ebb2d074e92..9fb7a497494 100644 --- a/service/backupgateway/options.go +++ b/service/backupgateway/options.go @@ -5,6 +5,7 @@ package backupgateway import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/backupstorage/api_client.go b/service/backupstorage/api_client.go index a18a99db7f1..a2f59dcbc2e 100644 --- a/service/backupstorage/api_client.go +++ b/service/backupstorage/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/backupstorage/auth.go b/service/backupstorage/auth.go index 9dacc499bfe..8b638d2a138 100644 --- a/service/backupstorage/auth.go +++ b/service/backupstorage/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -190,7 +190,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/backupstorage/endpoints.go b/service/backupstorage/endpoints.go index a90d933a49a..a82007afa5a 100644 --- a/service/backupstorage/endpoints.go +++ b/service/backupstorage/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/backupstorage/options.go b/service/backupstorage/options.go index 83701b74b14..5fbfb47014d 100644 --- a/service/backupstorage/options.go +++ b/service/backupstorage/options.go @@ -5,6 +5,7 @@ package backupstorage import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/batch/api_client.go b/service/batch/api_client.go index fbb0f62684b..88823343bc8 100644 --- a/service/batch/api_client.go +++ b/service/batch/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/batch/auth.go b/service/batch/auth.go index f17ae176ebd..ab984df7e9a 100644 --- a/service/batch/auth.go +++ b/service/batch/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/batch/endpoints.go b/service/batch/endpoints.go index b953f54b653..e777bcd2b13 100644 --- a/service/batch/endpoints.go +++ b/service/batch/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -477,7 +478,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -506,6 +507,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -516,7 +520,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/batch/options.go b/service/batch/options.go index c9038923519..68e39cf80b7 100644 --- a/service/batch/options.go +++ b/service/batch/options.go @@ -5,6 +5,7 @@ package batch import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/bcmdataexports/api_client.go b/service/bcmdataexports/api_client.go index 40d95ba6f2d..88053688d55 100644 --- a/service/bcmdataexports/api_client.go +++ b/service/bcmdataexports/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/bcmdataexports/auth.go b/service/bcmdataexports/auth.go index 9fbb062c8e7..6a3069c7bd8 100644 --- a/service/bcmdataexports/auth.go +++ b/service/bcmdataexports/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/bcmdataexports/endpoints.go b/service/bcmdataexports/endpoints.go index 8a2abd0dc44..c66eb8186fd 100644 --- a/service/bcmdataexports/endpoints.go +++ b/service/bcmdataexports/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -464,7 +465,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -492,6 +493,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -502,7 +506,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/bcmdataexports/options.go b/service/bcmdataexports/options.go index 396bd2bb7b2..c17563945ef 100644 --- a/service/bcmdataexports/options.go +++ b/service/bcmdataexports/options.go @@ -5,6 +5,7 @@ package bcmdataexports import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/bedrock/api_client.go b/service/bedrock/api_client.go index bec76d136d7..10464dfaaee 100644 --- a/service/bedrock/api_client.go +++ b/service/bedrock/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/bedrock/auth.go b/service/bedrock/auth.go index 5fb4c6956b5..4dff47684cf 100644 --- a/service/bedrock/auth.go +++ b/service/bedrock/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/bedrock/endpoints.go b/service/bedrock/endpoints.go index 3434ef052f2..f8523fddac3 100644 --- a/service/bedrock/endpoints.go +++ b/service/bedrock/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/bedrock/options.go b/service/bedrock/options.go index 0faea81e708..4ee3f9245f4 100644 --- a/service/bedrock/options.go +++ b/service/bedrock/options.go @@ -5,6 +5,7 @@ package bedrock import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/bedrockagent/api_client.go b/service/bedrockagent/api_client.go index 8b8902be1a5..7975af8f063 100644 --- a/service/bedrockagent/api_client.go +++ b/service/bedrockagent/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/bedrockagent/auth.go b/service/bedrockagent/auth.go index 0a53cadc7b4..d289662fc97 100644 --- a/service/bedrockagent/auth.go +++ b/service/bedrockagent/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/bedrockagent/endpoints.go b/service/bedrockagent/endpoints.go index 068db137928..25c33ccfe79 100644 --- a/service/bedrockagent/endpoints.go +++ b/service/bedrockagent/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/bedrockagent/options.go b/service/bedrockagent/options.go index 763f8c1e7d7..ef12e4da153 100644 --- a/service/bedrockagent/options.go +++ b/service/bedrockagent/options.go @@ -5,6 +5,7 @@ package bedrockagent import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/bedrockagentruntime/api_client.go b/service/bedrockagentruntime/api_client.go index abb0323fcf0..2282fb95586 100644 --- a/service/bedrockagentruntime/api_client.go +++ b/service/bedrockagentruntime/api_client.go @@ -232,15 +232,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/bedrockagentruntime/auth.go b/service/bedrockagentruntime/auth.go index f7aa5347ff0..a303b7f8664 100644 --- a/service/bedrockagentruntime/auth.go +++ b/service/bedrockagentruntime/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/bedrockagentruntime/endpoints.go b/service/bedrockagentruntime/endpoints.go index b14a1aef363..a58326d3147 100644 --- a/service/bedrockagentruntime/endpoints.go +++ b/service/bedrockagentruntime/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/bedrockagentruntime/options.go b/service/bedrockagentruntime/options.go index bb0d5954e9c..a666be5817a 100644 --- a/service/bedrockagentruntime/options.go +++ b/service/bedrockagentruntime/options.go @@ -5,6 +5,7 @@ package bedrockagentruntime import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/bedrockruntime/api_client.go b/service/bedrockruntime/api_client.go index 47a24f54641..5f43661305f 100644 --- a/service/bedrockruntime/api_client.go +++ b/service/bedrockruntime/api_client.go @@ -232,15 +232,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/bedrockruntime/auth.go b/service/bedrockruntime/auth.go index e6b3c0bf253..13ae3388056 100644 --- a/service/bedrockruntime/auth.go +++ b/service/bedrockruntime/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/bedrockruntime/endpoints.go b/service/bedrockruntime/endpoints.go index 91afc6d87a2..bf499ac507d 100644 --- a/service/bedrockruntime/endpoints.go +++ b/service/bedrockruntime/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/bedrockruntime/options.go b/service/bedrockruntime/options.go index 78b258a178b..f23820bf71d 100644 --- a/service/bedrockruntime/options.go +++ b/service/bedrockruntime/options.go @@ -5,6 +5,7 @@ package bedrockruntime import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/billingconductor/api_client.go b/service/billingconductor/api_client.go index dbd40fcc41f..3c8d88202f1 100644 --- a/service/billingconductor/api_client.go +++ b/service/billingconductor/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/billingconductor/auth.go b/service/billingconductor/auth.go index 1130662d1f3..779e90292c1 100644 --- a/service/billingconductor/auth.go +++ b/service/billingconductor/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/billingconductor/endpoints.go b/service/billingconductor/endpoints.go index f1f840aca11..997d2a65006 100644 --- a/service/billingconductor/endpoints.go +++ b/service/billingconductor/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -474,7 +475,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -503,6 +504,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -513,7 +517,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/billingconductor/options.go b/service/billingconductor/options.go index 7e5c4bf6393..ae92a4d9e75 100644 --- a/service/billingconductor/options.go +++ b/service/billingconductor/options.go @@ -5,6 +5,7 @@ package billingconductor import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/braket/api_client.go b/service/braket/api_client.go index da1a292e9a5..ffc5b4ad4e4 100644 --- a/service/braket/api_client.go +++ b/service/braket/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/braket/auth.go b/service/braket/auth.go index 4ae3d36980f..23c3607f3c2 100644 --- a/service/braket/auth.go +++ b/service/braket/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/braket/endpoints.go b/service/braket/endpoints.go index 16e5eb1b8cf..438dfdbe1bf 100644 --- a/service/braket/endpoints.go +++ b/service/braket/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/braket/options.go b/service/braket/options.go index 6f2478af3c7..2c524cc2e36 100644 --- a/service/braket/options.go +++ b/service/braket/options.go @@ -5,6 +5,7 @@ package braket import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/budgets/api_client.go b/service/budgets/api_client.go index 8843511cb78..eb690adb482 100644 --- a/service/budgets/api_client.go +++ b/service/budgets/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/budgets/auth.go b/service/budgets/auth.go index 9b66a814445..7d3683f4322 100644 --- a/service/budgets/auth.go +++ b/service/budgets/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/budgets/endpoints.go b/service/budgets/endpoints.go index ad90204c52c..63ad0b5086c 100644 --- a/service/budgets/endpoints.go +++ b/service/budgets/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -508,7 +509,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -537,6 +538,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -547,7 +551,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/budgets/options.go b/service/budgets/options.go index d34e144ab4a..24ab3cc689a 100644 --- a/service/budgets/options.go +++ b/service/budgets/options.go @@ -5,6 +5,7 @@ package budgets import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/chime/api_client.go b/service/chime/api_client.go index 8990bfd76d9..06b194fa0ab 100644 --- a/service/chime/api_client.go +++ b/service/chime/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/chime/auth.go b/service/chime/auth.go index 6adcb392e6b..4ebf00fef53 100644 --- a/service/chime/auth.go +++ b/service/chime/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/chime/endpoints.go b/service/chime/endpoints.go index 9e83ed2dba6..82d15af0943 100644 --- a/service/chime/endpoints.go +++ b/service/chime/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -474,7 +475,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -503,6 +504,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -513,7 +517,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/chime/options.go b/service/chime/options.go index daea71c83fe..a0183db03ae 100644 --- a/service/chime/options.go +++ b/service/chime/options.go @@ -5,6 +5,7 @@ package chime import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/chimesdkidentity/api_client.go b/service/chimesdkidentity/api_client.go index f5f2f973e19..bcab7f5f0a2 100644 --- a/service/chimesdkidentity/api_client.go +++ b/service/chimesdkidentity/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/chimesdkidentity/auth.go b/service/chimesdkidentity/auth.go index 34fbc2694c4..70ff32a6451 100644 --- a/service/chimesdkidentity/auth.go +++ b/service/chimesdkidentity/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/chimesdkidentity/endpoints.go b/service/chimesdkidentity/endpoints.go index 9c94dada7a8..a36b707d864 100644 --- a/service/chimesdkidentity/endpoints.go +++ b/service/chimesdkidentity/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/chimesdkidentity/options.go b/service/chimesdkidentity/options.go index ab06461c37d..e96eac8f7cc 100644 --- a/service/chimesdkidentity/options.go +++ b/service/chimesdkidentity/options.go @@ -5,6 +5,7 @@ package chimesdkidentity import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/chimesdkmediapipelines/api_client.go b/service/chimesdkmediapipelines/api_client.go index e093b76e616..9aa44fe5929 100644 --- a/service/chimesdkmediapipelines/api_client.go +++ b/service/chimesdkmediapipelines/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/chimesdkmediapipelines/auth.go b/service/chimesdkmediapipelines/auth.go index c75bebffd91..384f0f52eaf 100644 --- a/service/chimesdkmediapipelines/auth.go +++ b/service/chimesdkmediapipelines/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/chimesdkmediapipelines/endpoints.go b/service/chimesdkmediapipelines/endpoints.go index 58ff887d5a4..2f71cb86eef 100644 --- a/service/chimesdkmediapipelines/endpoints.go +++ b/service/chimesdkmediapipelines/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/chimesdkmediapipelines/options.go b/service/chimesdkmediapipelines/options.go index aa4bc74301a..4d985b965f7 100644 --- a/service/chimesdkmediapipelines/options.go +++ b/service/chimesdkmediapipelines/options.go @@ -5,6 +5,7 @@ package chimesdkmediapipelines import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/chimesdkmeetings/api_client.go b/service/chimesdkmeetings/api_client.go index b7c9704e75d..499253c1768 100644 --- a/service/chimesdkmeetings/api_client.go +++ b/service/chimesdkmeetings/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/chimesdkmeetings/auth.go b/service/chimesdkmeetings/auth.go index 08f48a4239c..108edb31baa 100644 --- a/service/chimesdkmeetings/auth.go +++ b/service/chimesdkmeetings/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/chimesdkmeetings/endpoints.go b/service/chimesdkmeetings/endpoints.go index 9e9227ea1f8..cfb74140021 100644 --- a/service/chimesdkmeetings/endpoints.go +++ b/service/chimesdkmeetings/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/chimesdkmeetings/options.go b/service/chimesdkmeetings/options.go index 4818b1c243b..1c1d6df4a35 100644 --- a/service/chimesdkmeetings/options.go +++ b/service/chimesdkmeetings/options.go @@ -5,6 +5,7 @@ package chimesdkmeetings import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/chimesdkmessaging/api_client.go b/service/chimesdkmessaging/api_client.go index a8dd1bdb2a1..fe4233feaaf 100644 --- a/service/chimesdkmessaging/api_client.go +++ b/service/chimesdkmessaging/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/chimesdkmessaging/auth.go b/service/chimesdkmessaging/auth.go index 715791d49c9..a4985c45375 100644 --- a/service/chimesdkmessaging/auth.go +++ b/service/chimesdkmessaging/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/chimesdkmessaging/endpoints.go b/service/chimesdkmessaging/endpoints.go index 57c80aec727..5527f19008a 100644 --- a/service/chimesdkmessaging/endpoints.go +++ b/service/chimesdkmessaging/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/chimesdkmessaging/options.go b/service/chimesdkmessaging/options.go index b397f55846c..d66aa2b4686 100644 --- a/service/chimesdkmessaging/options.go +++ b/service/chimesdkmessaging/options.go @@ -5,6 +5,7 @@ package chimesdkmessaging import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/chimesdkvoice/api_client.go b/service/chimesdkvoice/api_client.go index 3ca4d86c9c0..e4191352747 100644 --- a/service/chimesdkvoice/api_client.go +++ b/service/chimesdkvoice/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/chimesdkvoice/auth.go b/service/chimesdkvoice/auth.go index e5ec8b7d74d..26e248d5f40 100644 --- a/service/chimesdkvoice/auth.go +++ b/service/chimesdkvoice/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/chimesdkvoice/endpoints.go b/service/chimesdkvoice/endpoints.go index 3c97bb335a0..f28d1cb76a4 100644 --- a/service/chimesdkvoice/endpoints.go +++ b/service/chimesdkvoice/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/chimesdkvoice/options.go b/service/chimesdkvoice/options.go index b74af6f12eb..9075ad98442 100644 --- a/service/chimesdkvoice/options.go +++ b/service/chimesdkvoice/options.go @@ -5,6 +5,7 @@ package chimesdkvoice import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cleanrooms/api_client.go b/service/cleanrooms/api_client.go index e4ea9e6ec13..5614244125a 100644 --- a/service/cleanrooms/api_client.go +++ b/service/cleanrooms/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/cleanrooms/auth.go b/service/cleanrooms/auth.go index b1878f8b06c..314e40c2d61 100644 --- a/service/cleanrooms/auth.go +++ b/service/cleanrooms/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cleanrooms/endpoints.go b/service/cleanrooms/endpoints.go index 512fa4ae93e..6d1a48374e2 100644 --- a/service/cleanrooms/endpoints.go +++ b/service/cleanrooms/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cleanrooms/options.go b/service/cleanrooms/options.go index 722ec717498..d15911b7528 100644 --- a/service/cleanrooms/options.go +++ b/service/cleanrooms/options.go @@ -5,6 +5,7 @@ package cleanrooms import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cleanroomsml/api_client.go b/service/cleanroomsml/api_client.go index c8e761d3e30..f96c1304c8d 100644 --- a/service/cleanroomsml/api_client.go +++ b/service/cleanroomsml/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/cleanroomsml/auth.go b/service/cleanroomsml/auth.go index 8cf00fe2d2a..0bdea4aea65 100644 --- a/service/cleanroomsml/auth.go +++ b/service/cleanroomsml/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cleanroomsml/endpoints.go b/service/cleanroomsml/endpoints.go index e2bf7cadd4f..d693e53849d 100644 --- a/service/cleanroomsml/endpoints.go +++ b/service/cleanroomsml/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cleanroomsml/options.go b/service/cleanroomsml/options.go index cc25fe03792..909520f07ab 100644 --- a/service/cleanroomsml/options.go +++ b/service/cleanroomsml/options.go @@ -5,6 +5,7 @@ package cleanroomsml import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cloud9/api_client.go b/service/cloud9/api_client.go index c728779f732..4b0ec18a08b 100644 --- a/service/cloud9/api_client.go +++ b/service/cloud9/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/cloud9/auth.go b/service/cloud9/auth.go index 45b8810ca71..4621744e08b 100644 --- a/service/cloud9/auth.go +++ b/service/cloud9/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cloud9/endpoints.go b/service/cloud9/endpoints.go index 4e5dae268b1..a7c769d7681 100644 --- a/service/cloud9/endpoints.go +++ b/service/cloud9/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cloud9/options.go b/service/cloud9/options.go index b7b714646a8..6fb26290048 100644 --- a/service/cloud9/options.go +++ b/service/cloud9/options.go @@ -5,6 +5,7 @@ package cloud9 import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cloudcontrol/api_client.go b/service/cloudcontrol/api_client.go index 1c5cdd74055..85191caaa65 100644 --- a/service/cloudcontrol/api_client.go +++ b/service/cloudcontrol/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/cloudcontrol/auth.go b/service/cloudcontrol/auth.go index 6c01a7870ca..66f6e275cd0 100644 --- a/service/cloudcontrol/auth.go +++ b/service/cloudcontrol/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cloudcontrol/endpoints.go b/service/cloudcontrol/endpoints.go index ac92be955d0..91060535488 100644 --- a/service/cloudcontrol/endpoints.go +++ b/service/cloudcontrol/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cloudcontrol/options.go b/service/cloudcontrol/options.go index 10c7257720e..fd1a65b5028 100644 --- a/service/cloudcontrol/options.go +++ b/service/cloudcontrol/options.go @@ -5,6 +5,7 @@ package cloudcontrol import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/clouddirectory/api_client.go b/service/clouddirectory/api_client.go index 823c7231ee0..bdb28b4f428 100644 --- a/service/clouddirectory/api_client.go +++ b/service/clouddirectory/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/clouddirectory/auth.go b/service/clouddirectory/auth.go index 7ef219219b7..24abb06e1d0 100644 --- a/service/clouddirectory/auth.go +++ b/service/clouddirectory/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/clouddirectory/endpoints.go b/service/clouddirectory/endpoints.go index 193bed2d48c..b8e40f13b48 100644 --- a/service/clouddirectory/endpoints.go +++ b/service/clouddirectory/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -458,7 +459,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -487,6 +488,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/clouddirectory/options.go b/service/clouddirectory/options.go index 6d320e151e0..bedfef195ac 100644 --- a/service/clouddirectory/options.go +++ b/service/clouddirectory/options.go @@ -5,6 +5,7 @@ package clouddirectory import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cloudformation/api_client.go b/service/cloudformation/api_client.go index 4bbfff117a0..6b353e94ff7 100644 --- a/service/cloudformation/api_client.go +++ b/service/cloudformation/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/cloudformation/auth.go b/service/cloudformation/auth.go index b3ffff854fc..4f9bcf0aaa1 100644 --- a/service/cloudformation/auth.go +++ b/service/cloudformation/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cloudformation/endpoints.go b/service/cloudformation/endpoints.go index 753fa15111f..11aa1a29c4f 100644 --- a/service/cloudformation/endpoints.go +++ b/service/cloudformation/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -458,7 +459,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -487,6 +488,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cloudformation/options.go b/service/cloudformation/options.go index 5357466b7bd..da4d3edc7ba 100644 --- a/service/cloudformation/options.go +++ b/service/cloudformation/options.go @@ -5,6 +5,7 @@ package cloudformation import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cloudfront/api_client.go b/service/cloudfront/api_client.go index b3ea9db5454..b65d6fb1ad6 100644 --- a/service/cloudfront/api_client.go +++ b/service/cloudfront/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/cloudfront/auth.go b/service/cloudfront/auth.go index 424e6944949..162d4fc7ba9 100644 --- a/service/cloudfront/auth.go +++ b/service/cloudfront/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cloudfront/endpoints.go b/service/cloudfront/endpoints.go index 05e2b2e7578..c2654ae299d 100644 --- a/service/cloudfront/endpoints.go +++ b/service/cloudfront/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -542,7 +543,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -571,6 +572,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -581,7 +585,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cloudfront/options.go b/service/cloudfront/options.go index 502c0ce28de..4f0117d1a8d 100644 --- a/service/cloudfront/options.go +++ b/service/cloudfront/options.go @@ -5,6 +5,7 @@ package cloudfront import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cloudfrontkeyvaluestore/api_client.go b/service/cloudfrontkeyvaluestore/api_client.go index 93ec74b0a81..4b927e482f2 100644 --- a/service/cloudfrontkeyvaluestore/api_client.go +++ b/service/cloudfrontkeyvaluestore/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/cloudfrontkeyvaluestore/auth.go b/service/cloudfrontkeyvaluestore/auth.go index e43490e9fa4..6ad1a883127 100644 --- a/service/cloudfrontkeyvaluestore/auth.go +++ b/service/cloudfrontkeyvaluestore/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cloudfrontkeyvaluestore/endpoints.go b/service/cloudfrontkeyvaluestore/endpoints.go index e670bf5c278..7f2461051ee 100644 --- a/service/cloudfrontkeyvaluestore/endpoints.go +++ b/service/cloudfrontkeyvaluestore/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -543,7 +544,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -571,6 +572,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -581,7 +585,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cloudfrontkeyvaluestore/options.go b/service/cloudfrontkeyvaluestore/options.go index 4ffd85d42dd..739dd5e1102 100644 --- a/service/cloudfrontkeyvaluestore/options.go +++ b/service/cloudfrontkeyvaluestore/options.go @@ -5,6 +5,7 @@ package cloudfrontkeyvaluestore import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cloudhsm/api_client.go b/service/cloudhsm/api_client.go index b05be156506..110c550afe5 100644 --- a/service/cloudhsm/api_client.go +++ b/service/cloudhsm/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/cloudhsm/auth.go b/service/cloudhsm/auth.go index af7ba216d1f..6a0f6e37463 100644 --- a/service/cloudhsm/auth.go +++ b/service/cloudhsm/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cloudhsm/endpoints.go b/service/cloudhsm/endpoints.go index 8696185954e..284f75392d4 100644 --- a/service/cloudhsm/endpoints.go +++ b/service/cloudhsm/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cloudhsm/options.go b/service/cloudhsm/options.go index 9dc12483622..78edf87d499 100644 --- a/service/cloudhsm/options.go +++ b/service/cloudhsm/options.go @@ -5,6 +5,7 @@ package cloudhsm import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cloudhsmv2/api_client.go b/service/cloudhsmv2/api_client.go index 2bd421266f8..5ea6be94f69 100644 --- a/service/cloudhsmv2/api_client.go +++ b/service/cloudhsmv2/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/cloudhsmv2/auth.go b/service/cloudhsmv2/auth.go index 50320c77406..3b13c7d02d0 100644 --- a/service/cloudhsmv2/auth.go +++ b/service/cloudhsmv2/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cloudhsmv2/endpoints.go b/service/cloudhsmv2/endpoints.go index 756d776a550..c226e70819d 100644 --- a/service/cloudhsmv2/endpoints.go +++ b/service/cloudhsmv2/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -477,7 +478,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -506,6 +507,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -516,7 +520,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cloudhsmv2/options.go b/service/cloudhsmv2/options.go index 44c25a26f27..9a7c0df5e2a 100644 --- a/service/cloudhsmv2/options.go +++ b/service/cloudhsmv2/options.go @@ -5,6 +5,7 @@ package cloudhsmv2 import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cloudsearch/api_client.go b/service/cloudsearch/api_client.go index dadfd2f86e4..4f7b769980e 100644 --- a/service/cloudsearch/api_client.go +++ b/service/cloudsearch/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/cloudsearch/auth.go b/service/cloudsearch/auth.go index 0e18b91c7c5..50ec7a77304 100644 --- a/service/cloudsearch/auth.go +++ b/service/cloudsearch/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cloudsearch/endpoints.go b/service/cloudsearch/endpoints.go index 5df55af2f48..4b915a41adf 100644 --- a/service/cloudsearch/endpoints.go +++ b/service/cloudsearch/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cloudsearch/options.go b/service/cloudsearch/options.go index a5d00c96a33..40e6ef71250 100644 --- a/service/cloudsearch/options.go +++ b/service/cloudsearch/options.go @@ -5,6 +5,7 @@ package cloudsearch import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cloudsearchdomain/api_client.go b/service/cloudsearchdomain/api_client.go index 7ce19eeff61..a860711f385 100644 --- a/service/cloudsearchdomain/api_client.go +++ b/service/cloudsearchdomain/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/cloudsearchdomain/auth.go b/service/cloudsearchdomain/auth.go index cd60da2b0f8..bfa2f96840f 100644 --- a/service/cloudsearchdomain/auth.go +++ b/service/cloudsearchdomain/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cloudsearchdomain/endpoints.go b/service/cloudsearchdomain/endpoints.go index 909496715b3..e20863c1af6 100644 --- a/service/cloudsearchdomain/endpoints.go +++ b/service/cloudsearchdomain/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cloudsearchdomain/options.go b/service/cloudsearchdomain/options.go index 5858235da40..14ea2121dea 100644 --- a/service/cloudsearchdomain/options.go +++ b/service/cloudsearchdomain/options.go @@ -5,6 +5,7 @@ package cloudsearchdomain import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cloudtrail/api_client.go b/service/cloudtrail/api_client.go index 7ea04f926e4..78a7f2e8d33 100644 --- a/service/cloudtrail/api_client.go +++ b/service/cloudtrail/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/cloudtrail/auth.go b/service/cloudtrail/auth.go index 866b0958eba..0c8b6df8496 100644 --- a/service/cloudtrail/auth.go +++ b/service/cloudtrail/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cloudtrail/endpoints.go b/service/cloudtrail/endpoints.go index eb9b4c08d50..c9ae53202c0 100644 --- a/service/cloudtrail/endpoints.go +++ b/service/cloudtrail/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -465,7 +466,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -494,6 +495,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -504,7 +508,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cloudtrail/options.go b/service/cloudtrail/options.go index 3f41deae494..a5480964a7b 100644 --- a/service/cloudtrail/options.go +++ b/service/cloudtrail/options.go @@ -5,6 +5,7 @@ package cloudtrail import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cloudtraildata/api_client.go b/service/cloudtraildata/api_client.go index 3f796feb2e0..e1390a86753 100644 --- a/service/cloudtraildata/api_client.go +++ b/service/cloudtraildata/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/cloudtraildata/auth.go b/service/cloudtraildata/auth.go index ffae409d45c..0af9bba26fb 100644 --- a/service/cloudtraildata/auth.go +++ b/service/cloudtraildata/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cloudtraildata/endpoints.go b/service/cloudtraildata/endpoints.go index 1850b0532a1..3b30bbd539c 100644 --- a/service/cloudtraildata/endpoints.go +++ b/service/cloudtraildata/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cloudtraildata/options.go b/service/cloudtraildata/options.go index e483254413e..9fbc2dee4b9 100644 --- a/service/cloudtraildata/options.go +++ b/service/cloudtraildata/options.go @@ -5,6 +5,7 @@ package cloudtraildata import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cloudwatch/api_client.go b/service/cloudwatch/api_client.go index 4159dba3b36..8c211d4d272 100644 --- a/service/cloudwatch/api_client.go +++ b/service/cloudwatch/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/cloudwatch/auth.go b/service/cloudwatch/auth.go index d7dd29021ef..44c1b854bc4 100644 --- a/service/cloudwatch/auth.go +++ b/service/cloudwatch/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cloudwatch/endpoints.go b/service/cloudwatch/endpoints.go index a0496b79974..007ad0380d6 100644 --- a/service/cloudwatch/endpoints.go +++ b/service/cloudwatch/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -458,7 +459,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -487,6 +488,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cloudwatch/options.go b/service/cloudwatch/options.go index 69a23e5125d..76a417febff 100644 --- a/service/cloudwatch/options.go +++ b/service/cloudwatch/options.go @@ -5,6 +5,7 @@ package cloudwatch import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cloudwatchevents/api_client.go b/service/cloudwatchevents/api_client.go index ffebc2f7d21..84eb8c537f5 100644 --- a/service/cloudwatchevents/api_client.go +++ b/service/cloudwatchevents/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/cloudwatchevents/auth.go b/service/cloudwatchevents/auth.go index 54b6cf2b251..17049b84a12 100644 --- a/service/cloudwatchevents/auth.go +++ b/service/cloudwatchevents/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cloudwatchevents/endpoints.go b/service/cloudwatchevents/endpoints.go index 3bad8bd1879..cf095e39e42 100644 --- a/service/cloudwatchevents/endpoints.go +++ b/service/cloudwatchevents/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -465,7 +466,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -494,6 +495,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -504,7 +508,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cloudwatchevents/options.go b/service/cloudwatchevents/options.go index 2552376ac33..dfa82dab8b1 100644 --- a/service/cloudwatchevents/options.go +++ b/service/cloudwatchevents/options.go @@ -5,6 +5,7 @@ package cloudwatchevents import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cloudwatchlogs/api_client.go b/service/cloudwatchlogs/api_client.go index 62a3f467aae..3461936e90f 100644 --- a/service/cloudwatchlogs/api_client.go +++ b/service/cloudwatchlogs/api_client.go @@ -236,15 +236,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/cloudwatchlogs/auth.go b/service/cloudwatchlogs/auth.go index fff49614c8a..292db256c89 100644 --- a/service/cloudwatchlogs/auth.go +++ b/service/cloudwatchlogs/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cloudwatchlogs/endpoints.go b/service/cloudwatchlogs/endpoints.go index 2fa86090a7a..8eeb1c18e30 100644 --- a/service/cloudwatchlogs/endpoints.go +++ b/service/cloudwatchlogs/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -465,7 +466,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -494,6 +495,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -504,7 +508,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cloudwatchlogs/options.go b/service/cloudwatchlogs/options.go index 33256f3d76f..d60b26a7149 100644 --- a/service/cloudwatchlogs/options.go +++ b/service/cloudwatchlogs/options.go @@ -5,6 +5,7 @@ package cloudwatchlogs import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/codeartifact/api_client.go b/service/codeartifact/api_client.go index e4c0f80c862..56c5f138cc5 100644 --- a/service/codeartifact/api_client.go +++ b/service/codeartifact/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/codeartifact/auth.go b/service/codeartifact/auth.go index e3c5ce4848c..2d832da2c2c 100644 --- a/service/codeartifact/auth.go +++ b/service/codeartifact/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/codeartifact/endpoints.go b/service/codeartifact/endpoints.go index 286fb5bed7f..4774f5015ad 100644 --- a/service/codeartifact/endpoints.go +++ b/service/codeartifact/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/codeartifact/options.go b/service/codeartifact/options.go index 5e5558ae758..c622763ab91 100644 --- a/service/codeartifact/options.go +++ b/service/codeartifact/options.go @@ -5,6 +5,7 @@ package codeartifact import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/codebuild/api_client.go b/service/codebuild/api_client.go index 5d03878e2f6..aac53fa6fda 100644 --- a/service/codebuild/api_client.go +++ b/service/codebuild/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/codebuild/auth.go b/service/codebuild/auth.go index ee3a0c5363b..042e9166557 100644 --- a/service/codebuild/auth.go +++ b/service/codebuild/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/codebuild/endpoints.go b/service/codebuild/endpoints.go index f4390be34e5..84abf0204e1 100644 --- a/service/codebuild/endpoints.go +++ b/service/codebuild/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/codebuild/options.go b/service/codebuild/options.go index c8dce451d25..9e8d7f789a2 100644 --- a/service/codebuild/options.go +++ b/service/codebuild/options.go @@ -5,6 +5,7 @@ package codebuild import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/codecatalyst/api_client.go b/service/codecatalyst/api_client.go index b8e5c800548..0685173bd90 100644 --- a/service/codecatalyst/api_client.go +++ b/service/codecatalyst/api_client.go @@ -235,6 +235,7 @@ func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { Logger: cfg.Logger, ClientLogMode: cfg.ClientLogMode, AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/codecatalyst/auth.go b/service/codecatalyst/auth.go index 862bbdb5a8f..230ae1075ae 100644 --- a/service/codecatalyst/auth.go +++ b/service/codecatalyst/auth.go @@ -83,7 +83,7 @@ type AuthResolverParameters struct { Operation string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } @@ -128,7 +128,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/codecatalyst/endpoints.go b/service/codecatalyst/endpoints.go index ab326a9612a..b706c05d5a8 100644 --- a/service/codecatalyst/endpoints.go +++ b/service/codecatalyst/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -403,7 +404,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.UseFIPS = aws.Bool(options.EndpointOptions.UseFIPSEndpoint == aws.FIPSEndpointStateEnabled) @@ -431,6 +432,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -441,7 +445,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/codecatalyst/options.go b/service/codecatalyst/options.go index 742da5bef2f..4238e6b57bb 100644 --- a/service/codecatalyst/options.go +++ b/service/codecatalyst/options.go @@ -4,6 +4,7 @@ package codecatalyst import ( "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" "github.com/aws/smithy-go/auth/bearer" @@ -23,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/codecommit/api_client.go b/service/codecommit/api_client.go index bb5d92ffd86..7d37324067c 100644 --- a/service/codecommit/api_client.go +++ b/service/codecommit/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/codecommit/auth.go b/service/codecommit/auth.go index 4d144c4122b..da71e6cb8bf 100644 --- a/service/codecommit/auth.go +++ b/service/codecommit/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/codecommit/endpoints.go b/service/codecommit/endpoints.go index db1274070f4..93c7503ce0a 100644 --- a/service/codecommit/endpoints.go +++ b/service/codecommit/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/codecommit/options.go b/service/codecommit/options.go index 22ae7feaed4..ed91a010a61 100644 --- a/service/codecommit/options.go +++ b/service/codecommit/options.go @@ -5,6 +5,7 @@ package codecommit import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/codedeploy/api_client.go b/service/codedeploy/api_client.go index a02a5633fb3..19aedf61c08 100644 --- a/service/codedeploy/api_client.go +++ b/service/codedeploy/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/codedeploy/auth.go b/service/codedeploy/auth.go index cd85dfc6595..cc60c53858a 100644 --- a/service/codedeploy/auth.go +++ b/service/codedeploy/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/codedeploy/endpoints.go b/service/codedeploy/endpoints.go index d2c3e72fbd3..51122647db7 100644 --- a/service/codedeploy/endpoints.go +++ b/service/codedeploy/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/codedeploy/options.go b/service/codedeploy/options.go index 33557f60913..070b2b4fad5 100644 --- a/service/codedeploy/options.go +++ b/service/codedeploy/options.go @@ -5,6 +5,7 @@ package codedeploy import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/codeguruprofiler/api_client.go b/service/codeguruprofiler/api_client.go index 18790253d25..fe7c7dd08e2 100644 --- a/service/codeguruprofiler/api_client.go +++ b/service/codeguruprofiler/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/codeguruprofiler/auth.go b/service/codeguruprofiler/auth.go index 60053ae5d0b..21aa5524cb6 100644 --- a/service/codeguruprofiler/auth.go +++ b/service/codeguruprofiler/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/codeguruprofiler/endpoints.go b/service/codeguruprofiler/endpoints.go index ce825515cbb..4a5a65a06e4 100644 --- a/service/codeguruprofiler/endpoints.go +++ b/service/codeguruprofiler/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/codeguruprofiler/options.go b/service/codeguruprofiler/options.go index 79b4bbbc346..6bee324180b 100644 --- a/service/codeguruprofiler/options.go +++ b/service/codeguruprofiler/options.go @@ -5,6 +5,7 @@ package codeguruprofiler import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/codegurureviewer/api_client.go b/service/codegurureviewer/api_client.go index bd0e6c520fb..e3f2003033b 100644 --- a/service/codegurureviewer/api_client.go +++ b/service/codegurureviewer/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/codegurureviewer/auth.go b/service/codegurureviewer/auth.go index 3987f2f0511..f812567e904 100644 --- a/service/codegurureviewer/auth.go +++ b/service/codegurureviewer/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/codegurureviewer/endpoints.go b/service/codegurureviewer/endpoints.go index 495e43dd1e4..c89fb152f9c 100644 --- a/service/codegurureviewer/endpoints.go +++ b/service/codegurureviewer/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/codegurureviewer/options.go b/service/codegurureviewer/options.go index e2323cec481..d8a1e6492e9 100644 --- a/service/codegurureviewer/options.go +++ b/service/codegurureviewer/options.go @@ -5,6 +5,7 @@ package codegurureviewer import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/codegurusecurity/api_client.go b/service/codegurusecurity/api_client.go index 76aefb15708..92585361eca 100644 --- a/service/codegurusecurity/api_client.go +++ b/service/codegurusecurity/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/codegurusecurity/auth.go b/service/codegurusecurity/auth.go index 3b9d0dd4893..e2089c37760 100644 --- a/service/codegurusecurity/auth.go +++ b/service/codegurusecurity/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/codegurusecurity/endpoints.go b/service/codegurusecurity/endpoints.go index 7852e5b7683..210276f70e3 100644 --- a/service/codegurusecurity/endpoints.go +++ b/service/codegurusecurity/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/codegurusecurity/options.go b/service/codegurusecurity/options.go index bd97b809f04..a356abc5024 100644 --- a/service/codegurusecurity/options.go +++ b/service/codegurusecurity/options.go @@ -5,6 +5,7 @@ package codegurusecurity import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/codepipeline/api_client.go b/service/codepipeline/api_client.go index 708d6e42b19..d9a4e78b59c 100644 --- a/service/codepipeline/api_client.go +++ b/service/codepipeline/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/codepipeline/auth.go b/service/codepipeline/auth.go index 9cc55014388..716fa8d19e5 100644 --- a/service/codepipeline/auth.go +++ b/service/codepipeline/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/codepipeline/endpoints.go b/service/codepipeline/endpoints.go index 3984ae8e185..9e86a3445f1 100644 --- a/service/codepipeline/endpoints.go +++ b/service/codepipeline/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/codepipeline/options.go b/service/codepipeline/options.go index 4d6c61126da..e4c568865ef 100644 --- a/service/codepipeline/options.go +++ b/service/codepipeline/options.go @@ -5,6 +5,7 @@ package codepipeline import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/codestar/api_client.go b/service/codestar/api_client.go index 0c7a7dc55c1..ae1e254f19b 100644 --- a/service/codestar/api_client.go +++ b/service/codestar/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/codestar/auth.go b/service/codestar/auth.go index 4b96c0ebcd5..a8f691a08e6 100644 --- a/service/codestar/auth.go +++ b/service/codestar/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/codestar/endpoints.go b/service/codestar/endpoints.go index bc7c4efa36a..cea37ac7f8a 100644 --- a/service/codestar/endpoints.go +++ b/service/codestar/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/codestar/options.go b/service/codestar/options.go index eb0b3a3769d..03729503943 100644 --- a/service/codestar/options.go +++ b/service/codestar/options.go @@ -5,6 +5,7 @@ package codestar import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/codestarconnections/api_client.go b/service/codestarconnections/api_client.go index 9ebc922b780..2de29569e61 100644 --- a/service/codestarconnections/api_client.go +++ b/service/codestarconnections/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/codestarconnections/auth.go b/service/codestarconnections/auth.go index 702ad6f1f30..4edfde9f36b 100644 --- a/service/codestarconnections/auth.go +++ b/service/codestarconnections/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/codestarconnections/endpoints.go b/service/codestarconnections/endpoints.go index c2f6605d60e..6841dd50edf 100644 --- a/service/codestarconnections/endpoints.go +++ b/service/codestarconnections/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/codestarconnections/options.go b/service/codestarconnections/options.go index a6b2a51cc33..9bf49a60d65 100644 --- a/service/codestarconnections/options.go +++ b/service/codestarconnections/options.go @@ -5,6 +5,7 @@ package codestarconnections import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/codestarnotifications/api_client.go b/service/codestarnotifications/api_client.go index 089831e8323..77131471ca7 100644 --- a/service/codestarnotifications/api_client.go +++ b/service/codestarnotifications/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/codestarnotifications/auth.go b/service/codestarnotifications/auth.go index 5c32b160d4e..c70a4568167 100644 --- a/service/codestarnotifications/auth.go +++ b/service/codestarnotifications/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/codestarnotifications/endpoints.go b/service/codestarnotifications/endpoints.go index 9463a593e2a..ea80de9f8e4 100644 --- a/service/codestarnotifications/endpoints.go +++ b/service/codestarnotifications/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/codestarnotifications/options.go b/service/codestarnotifications/options.go index 589676ba4fe..fbd801f0abe 100644 --- a/service/codestarnotifications/options.go +++ b/service/codestarnotifications/options.go @@ -5,6 +5,7 @@ package codestarnotifications import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cognitoidentity/api_client.go b/service/cognitoidentity/api_client.go index 5831e373997..317503b22b1 100644 --- a/service/cognitoidentity/api_client.go +++ b/service/cognitoidentity/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/cognitoidentity/auth.go b/service/cognitoidentity/auth.go index 6bf60c37e84..b5fde683721 100644 --- a/service/cognitoidentity/auth.go +++ b/service/cognitoidentity/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -169,7 +169,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cognitoidentity/endpoints.go b/service/cognitoidentity/endpoints.go index 65a4850f2ec..ee929a8b9b6 100644 --- a/service/cognitoidentity/endpoints.go +++ b/service/cognitoidentity/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cognitoidentity/options.go b/service/cognitoidentity/options.go index 118fe1e4b11..102669c4a67 100644 --- a/service/cognitoidentity/options.go +++ b/service/cognitoidentity/options.go @@ -5,6 +5,7 @@ package cognitoidentity import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cognitoidentityprovider/api_client.go b/service/cognitoidentityprovider/api_client.go index 8c094e0cbf4..43460c36c91 100644 --- a/service/cognitoidentityprovider/api_client.go +++ b/service/cognitoidentityprovider/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/cognitoidentityprovider/auth.go b/service/cognitoidentityprovider/auth.go index 471f9d2bfcf..b1459bfcd11 100644 --- a/service/cognitoidentityprovider/auth.go +++ b/service/cognitoidentityprovider/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -301,7 +301,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cognitoidentityprovider/endpoints.go b/service/cognitoidentityprovider/endpoints.go index 5bf48df1994..d3c741d7763 100644 --- a/service/cognitoidentityprovider/endpoints.go +++ b/service/cognitoidentityprovider/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cognitoidentityprovider/options.go b/service/cognitoidentityprovider/options.go index ee635438352..016bfb7e3c7 100644 --- a/service/cognitoidentityprovider/options.go +++ b/service/cognitoidentityprovider/options.go @@ -5,6 +5,7 @@ package cognitoidentityprovider import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cognitosync/api_client.go b/service/cognitosync/api_client.go index cd952a6973b..0ca74ba9308 100644 --- a/service/cognitosync/api_client.go +++ b/service/cognitosync/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/cognitosync/auth.go b/service/cognitosync/auth.go index 9d24d23ea32..96a2a9c4f6b 100644 --- a/service/cognitosync/auth.go +++ b/service/cognitosync/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cognitosync/endpoints.go b/service/cognitosync/endpoints.go index 809ba37fe0f..fc5662254c9 100644 --- a/service/cognitosync/endpoints.go +++ b/service/cognitosync/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cognitosync/options.go b/service/cognitosync/options.go index f8e75f64a9c..3e35d90d9d2 100644 --- a/service/cognitosync/options.go +++ b/service/cognitosync/options.go @@ -5,6 +5,7 @@ package cognitosync import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/comprehend/api_client.go b/service/comprehend/api_client.go index 5b87feeed5c..0bc15d34359 100644 --- a/service/comprehend/api_client.go +++ b/service/comprehend/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/comprehend/auth.go b/service/comprehend/auth.go index 0991e047085..a92cb9af40a 100644 --- a/service/comprehend/auth.go +++ b/service/comprehend/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/comprehend/endpoints.go b/service/comprehend/endpoints.go index 1d9983cb054..9d04426eac5 100644 --- a/service/comprehend/endpoints.go +++ b/service/comprehend/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/comprehend/options.go b/service/comprehend/options.go index 0c234fdb245..2a2140faebb 100644 --- a/service/comprehend/options.go +++ b/service/comprehend/options.go @@ -5,6 +5,7 @@ package comprehend import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/comprehendmedical/api_client.go b/service/comprehendmedical/api_client.go index 7cf4131074d..65f51c9c9b2 100644 --- a/service/comprehendmedical/api_client.go +++ b/service/comprehendmedical/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/comprehendmedical/auth.go b/service/comprehendmedical/auth.go index 6323342ed08..04849d4318b 100644 --- a/service/comprehendmedical/auth.go +++ b/service/comprehendmedical/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/comprehendmedical/endpoints.go b/service/comprehendmedical/endpoints.go index 2f7211b3f50..4c225c8fdd3 100644 --- a/service/comprehendmedical/endpoints.go +++ b/service/comprehendmedical/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/comprehendmedical/options.go b/service/comprehendmedical/options.go index 35f3814474e..de1f861e4b4 100644 --- a/service/comprehendmedical/options.go +++ b/service/comprehendmedical/options.go @@ -5,6 +5,7 @@ package comprehendmedical import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/computeoptimizer/api_client.go b/service/computeoptimizer/api_client.go index d4667e3c36c..29df911c999 100644 --- a/service/computeoptimizer/api_client.go +++ b/service/computeoptimizer/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/computeoptimizer/auth.go b/service/computeoptimizer/auth.go index 29c7c72065d..8ad12289d24 100644 --- a/service/computeoptimizer/auth.go +++ b/service/computeoptimizer/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/computeoptimizer/endpoints.go b/service/computeoptimizer/endpoints.go index 4553acbed43..9f75009dc95 100644 --- a/service/computeoptimizer/endpoints.go +++ b/service/computeoptimizer/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/computeoptimizer/options.go b/service/computeoptimizer/options.go index 4de24e20256..fa6812c0756 100644 --- a/service/computeoptimizer/options.go +++ b/service/computeoptimizer/options.go @@ -5,6 +5,7 @@ package computeoptimizer import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/configservice/api_client.go b/service/configservice/api_client.go index 3e7c6b33026..5c624be67a9 100644 --- a/service/configservice/api_client.go +++ b/service/configservice/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/configservice/auth.go b/service/configservice/auth.go index 65dcd4a3e63..d151db1fbac 100644 --- a/service/configservice/auth.go +++ b/service/configservice/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/configservice/endpoints.go b/service/configservice/endpoints.go index 48ed41a974d..4d68a7a9f01 100644 --- a/service/configservice/endpoints.go +++ b/service/configservice/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -458,7 +459,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -487,6 +488,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/configservice/options.go b/service/configservice/options.go index 0d4c3c628c3..a2cb63fb736 100644 --- a/service/configservice/options.go +++ b/service/configservice/options.go @@ -5,6 +5,7 @@ package configservice import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/connect/api_client.go b/service/connect/api_client.go index 30fe7e1077e..6fc94d5f638 100644 --- a/service/connect/api_client.go +++ b/service/connect/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/connect/auth.go b/service/connect/auth.go index 9800a81735e..58ab200a055 100644 --- a/service/connect/auth.go +++ b/service/connect/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/connect/endpoints.go b/service/connect/endpoints.go index eeeeff7aea0..60b19b1b170 100644 --- a/service/connect/endpoints.go +++ b/service/connect/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -458,7 +459,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -487,6 +488,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/connect/options.go b/service/connect/options.go index 637a92c76a4..e063e553755 100644 --- a/service/connect/options.go +++ b/service/connect/options.go @@ -5,6 +5,7 @@ package connect import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/connectcampaigns/api_client.go b/service/connectcampaigns/api_client.go index 1e7ccbb025f..c5d95d400c1 100644 --- a/service/connectcampaigns/api_client.go +++ b/service/connectcampaigns/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/connectcampaigns/auth.go b/service/connectcampaigns/auth.go index f6737cde3fb..77ed02f5774 100644 --- a/service/connectcampaigns/auth.go +++ b/service/connectcampaigns/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/connectcampaigns/endpoints.go b/service/connectcampaigns/endpoints.go index ca0c64338ef..f50ab00f3d6 100644 --- a/service/connectcampaigns/endpoints.go +++ b/service/connectcampaigns/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/connectcampaigns/options.go b/service/connectcampaigns/options.go index 9a90478641f..f449fb3c3ba 100644 --- a/service/connectcampaigns/options.go +++ b/service/connectcampaigns/options.go @@ -5,6 +5,7 @@ package connectcampaigns import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/connectcases/api_client.go b/service/connectcases/api_client.go index b8752124bf3..6739a311875 100644 --- a/service/connectcases/api_client.go +++ b/service/connectcases/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/connectcases/auth.go b/service/connectcases/auth.go index 91fffcf9baf..fb725ed476d 100644 --- a/service/connectcases/auth.go +++ b/service/connectcases/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/connectcases/endpoints.go b/service/connectcases/endpoints.go index 6e51331f205..37eb64ffc8c 100644 --- a/service/connectcases/endpoints.go +++ b/service/connectcases/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/connectcases/options.go b/service/connectcases/options.go index ad2305f38de..a2d1d67cc1a 100644 --- a/service/connectcases/options.go +++ b/service/connectcases/options.go @@ -5,6 +5,7 @@ package connectcases import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/connectcontactlens/api_client.go b/service/connectcontactlens/api_client.go index 081d036414b..ae7284e8fcd 100644 --- a/service/connectcontactlens/api_client.go +++ b/service/connectcontactlens/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/connectcontactlens/auth.go b/service/connectcontactlens/auth.go index 76699d95ae2..2f17f0ca961 100644 --- a/service/connectcontactlens/auth.go +++ b/service/connectcontactlens/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/connectcontactlens/endpoints.go b/service/connectcontactlens/endpoints.go index ba9f3fd4528..8348056eaa7 100644 --- a/service/connectcontactlens/endpoints.go +++ b/service/connectcontactlens/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/connectcontactlens/options.go b/service/connectcontactlens/options.go index fbbeed58bba..b204f0ca53d 100644 --- a/service/connectcontactlens/options.go +++ b/service/connectcontactlens/options.go @@ -5,6 +5,7 @@ package connectcontactlens import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/connectparticipant/api_client.go b/service/connectparticipant/api_client.go index eda4f324775..95c2fbd6817 100644 --- a/service/connectparticipant/api_client.go +++ b/service/connectparticipant/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/connectparticipant/auth.go b/service/connectparticipant/auth.go index f2e851a706f..7234ee0b7f0 100644 --- a/service/connectparticipant/auth.go +++ b/service/connectparticipant/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/connectparticipant/endpoints.go b/service/connectparticipant/endpoints.go index 02b270d86e0..588d591b449 100644 --- a/service/connectparticipant/endpoints.go +++ b/service/connectparticipant/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -458,7 +459,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -487,6 +488,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/connectparticipant/options.go b/service/connectparticipant/options.go index 014b8e0bd42..c903c3a5766 100644 --- a/service/connectparticipant/options.go +++ b/service/connectparticipant/options.go @@ -5,6 +5,7 @@ package connectparticipant import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/controltower/api_client.go b/service/controltower/api_client.go index 9f75b82fb0b..7511ea2f9a8 100644 --- a/service/controltower/api_client.go +++ b/service/controltower/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/controltower/auth.go b/service/controltower/auth.go index f8b61c05704..2d3cb4e3726 100644 --- a/service/controltower/auth.go +++ b/service/controltower/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/controltower/endpoints.go b/service/controltower/endpoints.go index ab6b4e1ef08..76d98f04779 100644 --- a/service/controltower/endpoints.go +++ b/service/controltower/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/controltower/options.go b/service/controltower/options.go index b4a656b1f8d..efe1d18f60d 100644 --- a/service/controltower/options.go +++ b/service/controltower/options.go @@ -5,6 +5,7 @@ package controltower import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/costandusagereportservice/api_client.go b/service/costandusagereportservice/api_client.go index 5a9f088fe7d..f5cefb197bb 100644 --- a/service/costandusagereportservice/api_client.go +++ b/service/costandusagereportservice/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/costandusagereportservice/auth.go b/service/costandusagereportservice/auth.go index 9bb25de4d39..5e9c6a35aab 100644 --- a/service/costandusagereportservice/auth.go +++ b/service/costandusagereportservice/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/costandusagereportservice/endpoints.go b/service/costandusagereportservice/endpoints.go index 63924343e1b..b41da81a2d7 100644 --- a/service/costandusagereportservice/endpoints.go +++ b/service/costandusagereportservice/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/costandusagereportservice/options.go b/service/costandusagereportservice/options.go index 7efede34119..a4783f45975 100644 --- a/service/costandusagereportservice/options.go +++ b/service/costandusagereportservice/options.go @@ -5,6 +5,7 @@ package costandusagereportservice import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/costexplorer/api_client.go b/service/costexplorer/api_client.go index 6512bc3aadb..1d11fb9f66a 100644 --- a/service/costexplorer/api_client.go +++ b/service/costexplorer/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/costexplorer/auth.go b/service/costexplorer/auth.go index d04e0be26e3..01e3d3cf72a 100644 --- a/service/costexplorer/auth.go +++ b/service/costexplorer/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/costexplorer/endpoints.go b/service/costexplorer/endpoints.go index 30e05cfe84a..2528e022507 100644 --- a/service/costexplorer/endpoints.go +++ b/service/costexplorer/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -508,7 +509,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -537,6 +538,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -547,7 +551,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/costexplorer/options.go b/service/costexplorer/options.go index 7303fa50a6e..21ccc4ef7c8 100644 --- a/service/costexplorer/options.go +++ b/service/costexplorer/options.go @@ -5,6 +5,7 @@ package costexplorer import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/costoptimizationhub/api_client.go b/service/costoptimizationhub/api_client.go index 324177d268f..f377e314130 100644 --- a/service/costoptimizationhub/api_client.go +++ b/service/costoptimizationhub/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/costoptimizationhub/auth.go b/service/costoptimizationhub/auth.go index 001ffd03fa6..64c7ba1f66b 100644 --- a/service/costoptimizationhub/auth.go +++ b/service/costoptimizationhub/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/costoptimizationhub/endpoints.go b/service/costoptimizationhub/endpoints.go index 5b4f3ed2e12..756a110942d 100644 --- a/service/costoptimizationhub/endpoints.go +++ b/service/costoptimizationhub/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/costoptimizationhub/options.go b/service/costoptimizationhub/options.go index 3f035a3ed94..0a6ab72cbf6 100644 --- a/service/costoptimizationhub/options.go +++ b/service/costoptimizationhub/options.go @@ -5,6 +5,7 @@ package costoptimizationhub import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/customerprofiles/api_client.go b/service/customerprofiles/api_client.go index 18b06256da3..8529c5e379c 100644 --- a/service/customerprofiles/api_client.go +++ b/service/customerprofiles/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/customerprofiles/auth.go b/service/customerprofiles/auth.go index 0c0672b1aa5..aa5703709d8 100644 --- a/service/customerprofiles/auth.go +++ b/service/customerprofiles/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/customerprofiles/endpoints.go b/service/customerprofiles/endpoints.go index b6135174dd6..fef7e6e31fb 100644 --- a/service/customerprofiles/endpoints.go +++ b/service/customerprofiles/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/customerprofiles/options.go b/service/customerprofiles/options.go index a35d77298a9..c2b55efc700 100644 --- a/service/customerprofiles/options.go +++ b/service/customerprofiles/options.go @@ -5,6 +5,7 @@ package customerprofiles import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/databasemigrationservice/api_client.go b/service/databasemigrationservice/api_client.go index e2fa662bb3d..5f703ff8cfc 100644 --- a/service/databasemigrationservice/api_client.go +++ b/service/databasemigrationservice/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/databasemigrationservice/auth.go b/service/databasemigrationservice/auth.go index ddb9776b960..bee97456719 100644 --- a/service/databasemigrationservice/auth.go +++ b/service/databasemigrationservice/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/databasemigrationservice/endpoints.go b/service/databasemigrationservice/endpoints.go index b0b1214bf45..c697ab516ab 100644 --- a/service/databasemigrationservice/endpoints.go +++ b/service/databasemigrationservice/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -496,7 +497,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -525,6 +526,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -535,7 +539,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/databasemigrationservice/options.go b/service/databasemigrationservice/options.go index 58bf0bb961d..c24a0c7594f 100644 --- a/service/databasemigrationservice/options.go +++ b/service/databasemigrationservice/options.go @@ -5,6 +5,7 @@ package databasemigrationservice import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/databrew/api_client.go b/service/databrew/api_client.go index 59108ee9493..f30df0564ac 100644 --- a/service/databrew/api_client.go +++ b/service/databrew/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/databrew/auth.go b/service/databrew/auth.go index e4f3cc319fb..8dbdac4d48a 100644 --- a/service/databrew/auth.go +++ b/service/databrew/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/databrew/endpoints.go b/service/databrew/endpoints.go index c61e4658d54..56840f96f15 100644 --- a/service/databrew/endpoints.go +++ b/service/databrew/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -452,7 +453,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -481,6 +482,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -491,7 +495,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/databrew/options.go b/service/databrew/options.go index ce023fb8984..c873e50deab 100644 --- a/service/databrew/options.go +++ b/service/databrew/options.go @@ -5,6 +5,7 @@ package databrew import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/dataexchange/api_client.go b/service/dataexchange/api_client.go index d64eb547ab4..a01b1776bcb 100644 --- a/service/dataexchange/api_client.go +++ b/service/dataexchange/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/dataexchange/auth.go b/service/dataexchange/auth.go index e7b87cb1b16..64ec9c2c87d 100644 --- a/service/dataexchange/auth.go +++ b/service/dataexchange/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/dataexchange/endpoints.go b/service/dataexchange/endpoints.go index 2870a89efbc..3abe0526072 100644 --- a/service/dataexchange/endpoints.go +++ b/service/dataexchange/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/dataexchange/options.go b/service/dataexchange/options.go index e2a2012d48c..678f1be621d 100644 --- a/service/dataexchange/options.go +++ b/service/dataexchange/options.go @@ -5,6 +5,7 @@ package dataexchange import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/datapipeline/api_client.go b/service/datapipeline/api_client.go index 60d6709fd88..9d4a1f6fc11 100644 --- a/service/datapipeline/api_client.go +++ b/service/datapipeline/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/datapipeline/auth.go b/service/datapipeline/auth.go index 95dc8ef9793..781e4b6ab7b 100644 --- a/service/datapipeline/auth.go +++ b/service/datapipeline/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/datapipeline/endpoints.go b/service/datapipeline/endpoints.go index 231af8c46ce..e66c305e3e3 100644 --- a/service/datapipeline/endpoints.go +++ b/service/datapipeline/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/datapipeline/options.go b/service/datapipeline/options.go index 74ee6db58a9..23925bead71 100644 --- a/service/datapipeline/options.go +++ b/service/datapipeline/options.go @@ -5,6 +5,7 @@ package datapipeline import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/datasync/api_client.go b/service/datasync/api_client.go index 0f913672e4a..33e4dc74308 100644 --- a/service/datasync/api_client.go +++ b/service/datasync/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/datasync/auth.go b/service/datasync/auth.go index 32b6fa29edb..7d588b354f5 100644 --- a/service/datasync/auth.go +++ b/service/datasync/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/datasync/endpoints.go b/service/datasync/endpoints.go index 3e14905e93b..629ac2d41d9 100644 --- a/service/datasync/endpoints.go +++ b/service/datasync/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/datasync/options.go b/service/datasync/options.go index 454e8cedd9e..961ee5d59f1 100644 --- a/service/datasync/options.go +++ b/service/datasync/options.go @@ -5,6 +5,7 @@ package datasync import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/datazone/api_client.go b/service/datazone/api_client.go index eaf9c878622..5120ae459c6 100644 --- a/service/datazone/api_client.go +++ b/service/datazone/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/datazone/auth.go b/service/datazone/auth.go index c47c550f373..e1b45aaa986 100644 --- a/service/datazone/auth.go +++ b/service/datazone/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/datazone/endpoints.go b/service/datazone/endpoints.go index c1399124e32..d306799d353 100644 --- a/service/datazone/endpoints.go +++ b/service/datazone/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -411,7 +412,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -439,6 +440,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -449,7 +453,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/datazone/options.go b/service/datazone/options.go index 5d525a95222..c12df0bd9a1 100644 --- a/service/datazone/options.go +++ b/service/datazone/options.go @@ -5,6 +5,7 @@ package datazone import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/dax/api_client.go b/service/dax/api_client.go index 8217caf2a8e..b9ba4a0c08b 100644 --- a/service/dax/api_client.go +++ b/service/dax/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/dax/auth.go b/service/dax/auth.go index 06101460ce0..24c2265e056 100644 --- a/service/dax/auth.go +++ b/service/dax/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/dax/endpoints.go b/service/dax/endpoints.go index b08ff7484a4..84d78f538ed 100644 --- a/service/dax/endpoints.go +++ b/service/dax/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/dax/options.go b/service/dax/options.go index 4694ed39c0d..d543f28549c 100644 --- a/service/dax/options.go +++ b/service/dax/options.go @@ -5,6 +5,7 @@ package dax import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/detective/api_client.go b/service/detective/api_client.go index 38bcebc6697..2be13aaf433 100644 --- a/service/detective/api_client.go +++ b/service/detective/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/detective/auth.go b/service/detective/auth.go index 58b15c470da..a068df050be 100644 --- a/service/detective/auth.go +++ b/service/detective/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/detective/endpoints.go b/service/detective/endpoints.go index 4b2b271f06e..1fdcfd66802 100644 --- a/service/detective/endpoints.go +++ b/service/detective/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/detective/options.go b/service/detective/options.go index 044d87d1e20..e15a2ccbf2a 100644 --- a/service/detective/options.go +++ b/service/detective/options.go @@ -5,6 +5,7 @@ package detective import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/devicefarm/api_client.go b/service/devicefarm/api_client.go index 1ec7b650a63..13dacc293ad 100644 --- a/service/devicefarm/api_client.go +++ b/service/devicefarm/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/devicefarm/auth.go b/service/devicefarm/auth.go index a40d222f577..f96d0ef2a15 100644 --- a/service/devicefarm/auth.go +++ b/service/devicefarm/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/devicefarm/endpoints.go b/service/devicefarm/endpoints.go index a8cc90aa0b2..caed1f627ad 100644 --- a/service/devicefarm/endpoints.go +++ b/service/devicefarm/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/devicefarm/options.go b/service/devicefarm/options.go index 6ea0d54a1ed..2f772e7fcd7 100644 --- a/service/devicefarm/options.go +++ b/service/devicefarm/options.go @@ -5,6 +5,7 @@ package devicefarm import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/devopsguru/api_client.go b/service/devopsguru/api_client.go index 9e9755a8dd3..b15c59f7d2f 100644 --- a/service/devopsguru/api_client.go +++ b/service/devopsguru/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/devopsguru/auth.go b/service/devopsguru/auth.go index 1ee379495c4..07ad39c6849 100644 --- a/service/devopsguru/auth.go +++ b/service/devopsguru/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/devopsguru/endpoints.go b/service/devopsguru/endpoints.go index 804ef6ab78e..803128bafa5 100644 --- a/service/devopsguru/endpoints.go +++ b/service/devopsguru/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/devopsguru/options.go b/service/devopsguru/options.go index 07e231ee379..0850cd5a2a0 100644 --- a/service/devopsguru/options.go +++ b/service/devopsguru/options.go @@ -5,6 +5,7 @@ package devopsguru import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/directconnect/api_client.go b/service/directconnect/api_client.go index 091dff66601..35baeac7b70 100644 --- a/service/directconnect/api_client.go +++ b/service/directconnect/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/directconnect/auth.go b/service/directconnect/auth.go index a139fa60735..7fc0c267a46 100644 --- a/service/directconnect/auth.go +++ b/service/directconnect/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/directconnect/endpoints.go b/service/directconnect/endpoints.go index 4dd0f39d637..09dbeed22b5 100644 --- a/service/directconnect/endpoints.go +++ b/service/directconnect/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/directconnect/options.go b/service/directconnect/options.go index fc3615a5bbf..1655ef133b9 100644 --- a/service/directconnect/options.go +++ b/service/directconnect/options.go @@ -5,6 +5,7 @@ package directconnect import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/directoryservice/api_client.go b/service/directoryservice/api_client.go index 9feb14aff56..9101b51f7a9 100644 --- a/service/directoryservice/api_client.go +++ b/service/directoryservice/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/directoryservice/auth.go b/service/directoryservice/auth.go index b36e99bc54d..fa0e17b513d 100644 --- a/service/directoryservice/auth.go +++ b/service/directoryservice/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/directoryservice/endpoints.go b/service/directoryservice/endpoints.go index 1a9512bb58e..81782aa9ce4 100644 --- a/service/directoryservice/endpoints.go +++ b/service/directoryservice/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/directoryservice/options.go b/service/directoryservice/options.go index 24f9d04a966..af9c7680b45 100644 --- a/service/directoryservice/options.go +++ b/service/directoryservice/options.go @@ -5,6 +5,7 @@ package directoryservice import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/dlm/api_client.go b/service/dlm/api_client.go index daf7fe7ab14..83baf54a41d 100644 --- a/service/dlm/api_client.go +++ b/service/dlm/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/dlm/auth.go b/service/dlm/auth.go index 79126cd58ca..1639931f58e 100644 --- a/service/dlm/auth.go +++ b/service/dlm/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/dlm/endpoints.go b/service/dlm/endpoints.go index a4d6ee665b3..6e4d8b3c401 100644 --- a/service/dlm/endpoints.go +++ b/service/dlm/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -458,7 +459,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -487,6 +488,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/dlm/options.go b/service/dlm/options.go index 2d56b3befc2..56121eb0b6b 100644 --- a/service/dlm/options.go +++ b/service/dlm/options.go @@ -5,6 +5,7 @@ package dlm import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/docdb/api_client.go b/service/docdb/api_client.go index 72e8e156e3a..9d0a74f642c 100644 --- a/service/docdb/api_client.go +++ b/service/docdb/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/docdb/auth.go b/service/docdb/auth.go index 80174b1760f..32dea8b67ef 100644 --- a/service/docdb/auth.go +++ b/service/docdb/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/docdb/endpoints.go b/service/docdb/endpoints.go index 3008a5c5c0b..9a85d9ae254 100644 --- a/service/docdb/endpoints.go +++ b/service/docdb/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -458,7 +459,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -487,6 +488,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/docdb/options.go b/service/docdb/options.go index c5964e219ad..d8e717e805d 100644 --- a/service/docdb/options.go +++ b/service/docdb/options.go @@ -5,6 +5,7 @@ package docdb import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/docdbelastic/api_client.go b/service/docdbelastic/api_client.go index 798abfa0f9e..f29edacc02b 100644 --- a/service/docdbelastic/api_client.go +++ b/service/docdbelastic/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/docdbelastic/auth.go b/service/docdbelastic/auth.go index a1d7b716326..0caeb92204e 100644 --- a/service/docdbelastic/auth.go +++ b/service/docdbelastic/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/docdbelastic/endpoints.go b/service/docdbelastic/endpoints.go index 40a6444677f..864b44b36aa 100644 --- a/service/docdbelastic/endpoints.go +++ b/service/docdbelastic/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/docdbelastic/options.go b/service/docdbelastic/options.go index c02ac3d11f2..624ed0dd12c 100644 --- a/service/docdbelastic/options.go +++ b/service/docdbelastic/options.go @@ -5,6 +5,7 @@ package docdbelastic import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/drs/api_client.go b/service/drs/api_client.go index 1347cef14c2..e02b1e8a487 100644 --- a/service/drs/api_client.go +++ b/service/drs/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/drs/auth.go b/service/drs/auth.go index 7acc999fb29..61c5f4c9edd 100644 --- a/service/drs/auth.go +++ b/service/drs/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/drs/endpoints.go b/service/drs/endpoints.go index 97cac8bd00b..624f048f2a0 100644 --- a/service/drs/endpoints.go +++ b/service/drs/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/drs/options.go b/service/drs/options.go index cdf5589f34d..ab60f4d66f3 100644 --- a/service/drs/options.go +++ b/service/drs/options.go @@ -5,6 +5,7 @@ package drs import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/dynamodb/api_client.go b/service/dynamodb/api_client.go index 6e54d0328d2..5de5404890c 100644 --- a/service/dynamodb/api_client.go +++ b/service/dynamodb/api_client.go @@ -245,15 +245,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/dynamodb/api_op_DisableKinesisStreamingDestination.go b/service/dynamodb/api_op_DisableKinesisStreamingDestination.go index 81b43d04dfe..61f0972ee73 100644 --- a/service/dynamodb/api_op_DisableKinesisStreamingDestination.go +++ b/service/dynamodb/api_op_DisableKinesisStreamingDestination.go @@ -42,6 +42,9 @@ type DisableKinesisStreamingDestinationInput struct { // This member is required. TableName *string + // The source for the Kinesis streaming information that is being enabled. + EnableKinesisStreamingConfiguration *types.EnableKinesisStreamingConfiguration + noSmithyDocumentSerde } @@ -50,6 +53,9 @@ type DisableKinesisStreamingDestinationOutput struct { // The current status of the replication. DestinationStatus types.DestinationStatus + // The destination for the Kinesis streaming information that is being enabled. + EnableKinesisStreamingConfiguration *types.EnableKinesisStreamingConfiguration + // The ARN for the specific Kinesis data stream. StreamArn *string diff --git a/service/dynamodb/api_op_EnableKinesisStreamingDestination.go b/service/dynamodb/api_op_EnableKinesisStreamingDestination.go index 6eee7606b65..9532e9e42a7 100644 --- a/service/dynamodb/api_op_EnableKinesisStreamingDestination.go +++ b/service/dynamodb/api_op_EnableKinesisStreamingDestination.go @@ -44,6 +44,9 @@ type EnableKinesisStreamingDestinationInput struct { // This member is required. TableName *string + // The source for the Kinesis streaming information that is being enabled. + EnableKinesisStreamingConfiguration *types.EnableKinesisStreamingConfiguration + noSmithyDocumentSerde } @@ -52,6 +55,9 @@ type EnableKinesisStreamingDestinationOutput struct { // The current status of the replication. DestinationStatus types.DestinationStatus + // The destination for the Kinesis streaming information that is being enabled. + EnableKinesisStreamingConfiguration *types.EnableKinesisStreamingConfiguration + // The ARN for the specific Kinesis data stream. StreamArn *string diff --git a/service/dynamodb/api_op_UpdateKinesisStreamingDestination.go b/service/dynamodb/api_op_UpdateKinesisStreamingDestination.go new file mode 100644 index 00000000000..4c727233ec6 --- /dev/null +++ b/service/dynamodb/api_op_UpdateKinesisStreamingDestination.go @@ -0,0 +1,207 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package dynamodb + +import ( + "context" + "fmt" + awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" + "github.com/aws/aws-sdk-go-v2/aws/signer/v4" + "github.com/aws/aws-sdk-go-v2/service/dynamodb/types" + internalEndpointDiscovery "github.com/aws/aws-sdk-go-v2/service/internal/endpoint-discovery" + "github.com/aws/smithy-go/middleware" + smithyhttp "github.com/aws/smithy-go/transport/http" +) + +// The command to update the Kinesis stream destination. +func (c *Client) UpdateKinesisStreamingDestination(ctx context.Context, params *UpdateKinesisStreamingDestinationInput, optFns ...func(*Options)) (*UpdateKinesisStreamingDestinationOutput, error) { + if params == nil { + params = &UpdateKinesisStreamingDestinationInput{} + } + + result, metadata, err := c.invokeOperation(ctx, "UpdateKinesisStreamingDestination", params, optFns, c.addOperationUpdateKinesisStreamingDestinationMiddlewares) + if err != nil { + return nil, err + } + + out := result.(*UpdateKinesisStreamingDestinationOutput) + out.ResultMetadata = metadata + return out, nil +} + +type UpdateKinesisStreamingDestinationInput struct { + + // The ARN for the Kinesis stream input. + // + // This member is required. + StreamArn *string + + // The table name for the Kinesis streaming destination input. + // + // This member is required. + TableName *string + + // The command to update the Kinesis stream configuration. + UpdateKinesisStreamingConfiguration *types.UpdateKinesisStreamingConfiguration + + noSmithyDocumentSerde +} + +type UpdateKinesisStreamingDestinationOutput struct { + + // The status of the attempt to update the Kinesis streaming destination output. + DestinationStatus types.DestinationStatus + + // The ARN for the Kinesis stream input. + StreamArn *string + + // The table name for the Kinesis streaming destination output. + TableName *string + + // The command to update the Kinesis streaming destination configuration. + UpdateKinesisStreamingConfiguration *types.UpdateKinesisStreamingConfiguration + + // Metadata pertaining to the operation's result. + ResultMetadata middleware.Metadata + + noSmithyDocumentSerde +} + +func (c *Client) addOperationUpdateKinesisStreamingDestinationMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } + err = stack.Serialize.Add(&awsAwsjson10_serializeOpUpdateKinesisStreamingDestination{}, middleware.After) + if err != nil { + return err + } + err = stack.Deserialize.Add(&awsAwsjson10_deserializeOpUpdateKinesisStreamingDestination{}, middleware.After) + if err != nil { + return err + } + if err := addProtocolFinalizerMiddlewares(stack, options, "UpdateKinesisStreamingDestination"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + + if err = addlegacyEndpointContextSetter(stack, options); err != nil { + return err + } + if err = addSetLoggerMiddleware(stack, options); err != nil { + return err + } + if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil { + return err + } + if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil { + return err + } + if err = addResolveEndpointMiddleware(stack, options); err != nil { + return err + } + if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil { + return err + } + if err = addRetryMiddlewares(stack, options); err != nil { + return err + } + if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { + return err + } + if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil { + return err + } + if err = addClientUserAgent(stack, options); err != nil { + return err + } + if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = addOpUpdateKinesisStreamingDestinationDiscoverEndpointMiddleware(stack, options, c); err != nil { + return err + } + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { + return err + } + if err = addOpUpdateKinesisStreamingDestinationValidationMiddleware(stack); err != nil { + return err + } + if err = stack.Initialize.Add(newServiceMetadataMiddleware_opUpdateKinesisStreamingDestination(options.Region), middleware.Before); err != nil { + return err + } + if err = awsmiddleware.AddRecursionDetection(stack); err != nil { + return err + } + if err = addRequestIDRetrieverMiddleware(stack); err != nil { + return err + } + if err = addResponseErrorMiddleware(stack); err != nil { + return err + } + if err = addValidateResponseChecksum(stack, options); err != nil { + return err + } + if err = addAcceptEncodingGzip(stack, options); err != nil { + return err + } + if err = addRequestResponseLogging(stack, options); err != nil { + return err + } + if err = addDisableHTTPSMiddleware(stack, options); err != nil { + return err + } + return nil +} + +func addOpUpdateKinesisStreamingDestinationDiscoverEndpointMiddleware(stack *middleware.Stack, o Options, c *Client) error { + return stack.Finalize.Insert(&internalEndpointDiscovery.DiscoverEndpoint{ + Options: []func(*internalEndpointDiscovery.DiscoverEndpointOptions){ + func(opt *internalEndpointDiscovery.DiscoverEndpointOptions) { + opt.DisableHTTPS = o.EndpointOptions.DisableHTTPS + opt.Logger = o.Logger + }, + }, + DiscoverOperation: c.fetchOpUpdateKinesisStreamingDestinationDiscoverEndpoint, + EndpointDiscoveryEnableState: o.EndpointDiscovery.EnableEndpointDiscovery, + EndpointDiscoveryRequired: false, + Region: o.Region, + }, "ResolveEndpointV2", middleware.After) +} + +func (c *Client) fetchOpUpdateKinesisStreamingDestinationDiscoverEndpoint(ctx context.Context, region string, optFns ...func(*internalEndpointDiscovery.DiscoverEndpointOptions)) (internalEndpointDiscovery.WeightedAddress, error) { + input := getOperationInput(ctx) + in, ok := input.(*UpdateKinesisStreamingDestinationInput) + if !ok { + return internalEndpointDiscovery.WeightedAddress{}, fmt.Errorf("unknown input type %T", input) + } + _ = in + + identifierMap := make(map[string]string, 0) + identifierMap["sdk#Region"] = region + + key := fmt.Sprintf("DynamoDB.%v", identifierMap) + + if v, ok := c.endpointCache.Get(key); ok { + return v, nil + } + + discoveryOperationInput := &DescribeEndpointsInput{} + + opt := internalEndpointDiscovery.DiscoverEndpointOptions{} + for _, fn := range optFns { + fn(&opt) + } + + go c.handleEndpointDiscoveryFromService(ctx, discoveryOperationInput, region, key, opt) + return internalEndpointDiscovery.WeightedAddress{}, nil +} + +func newServiceMetadataMiddleware_opUpdateKinesisStreamingDestination(region string) *awsmiddleware.RegisterServiceMetadata { + return &awsmiddleware.RegisterServiceMetadata{ + Region: region, + ServiceID: ServiceID, + OperationName: "UpdateKinesisStreamingDestination", + } +} diff --git a/service/dynamodb/auth.go b/service/dynamodb/auth.go index 817a2851839..19ff64081f5 100644 --- a/service/dynamodb/auth.go +++ b/service/dynamodb/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/dynamodb/deserializers.go b/service/dynamodb/deserializers.go index ccb22609a36..002ce8b9d6c 100644 --- a/service/dynamodb/deserializers.go +++ b/service/dynamodb/deserializers.go @@ -6023,6 +6023,129 @@ func awsAwsjson10_deserializeOpErrorUpdateItem(response *smithyhttp.Response, me } } +type awsAwsjson10_deserializeOpUpdateKinesisStreamingDestination struct { +} + +func (*awsAwsjson10_deserializeOpUpdateKinesisStreamingDestination) ID() string { + return "OperationDeserializer" +} + +func (m *awsAwsjson10_deserializeOpUpdateKinesisStreamingDestination) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( + out middleware.DeserializeOutput, metadata middleware.Metadata, err error, +) { + out, metadata, err = next.HandleDeserialize(ctx, in) + if err != nil { + return out, metadata, err + } + + response, ok := out.RawResponse.(*smithyhttp.Response) + if !ok { + return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} + } + + if response.StatusCode < 200 || response.StatusCode >= 300 { + return out, metadata, awsAwsjson10_deserializeOpErrorUpdateKinesisStreamingDestination(response, &metadata) + } + output := &UpdateKinesisStreamingDestinationOutput{} + out.Result = output + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(response.Body, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + var shape interface{} + if err := decoder.Decode(&shape); err != nil && err != io.EOF { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return out, metadata, err + } + + err = awsAwsjson10_deserializeOpDocumentUpdateKinesisStreamingDestinationOutput(&output, shape) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return out, metadata, err + } + + return out, metadata, err +} + +func awsAwsjson10_deserializeOpErrorUpdateKinesisStreamingDestination(response *smithyhttp.Response, metadata *middleware.Metadata) error { + var errorBuffer bytes.Buffer + if _, err := io.Copy(&errorBuffer, response.Body); err != nil { + return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} + } + errorBody := bytes.NewReader(errorBuffer.Bytes()) + + errorCode := "UnknownError" + errorMessage := errorCode + + headerCode := response.Header.Get("X-Amzn-ErrorType") + if len(headerCode) != 0 { + errorCode = restjson.SanitizeErrorCode(headerCode) + } + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(errorBody, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + jsonCode, message, err := restjson.GetErrorInfo(decoder) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + errorBody.Seek(0, io.SeekStart) + if len(headerCode) == 0 && len(jsonCode) != 0 { + errorCode = restjson.SanitizeErrorCode(jsonCode) + } + if len(message) != 0 { + errorMessage = message + } + + switch { + case strings.EqualFold("InternalServerError", errorCode): + return awsAwsjson10_deserializeErrorInternalServerError(response, errorBody) + + case strings.EqualFold("InvalidEndpointException", errorCode): + return awsAwsjson10_deserializeErrorInvalidEndpointException(response, errorBody) + + case strings.EqualFold("LimitExceededException", errorCode): + return awsAwsjson10_deserializeErrorLimitExceededException(response, errorBody) + + case strings.EqualFold("ResourceInUseException", errorCode): + return awsAwsjson10_deserializeErrorResourceInUseException(response, errorBody) + + case strings.EqualFold("ResourceNotFoundException", errorCode): + return awsAwsjson10_deserializeErrorResourceNotFoundException(response, errorBody) + + default: + genericError := &smithy.GenericAPIError{ + Code: errorCode, + Message: errorMessage, + } + return genericError + + } +} + type awsAwsjson10_deserializeOpUpdateTable struct { } @@ -9661,6 +9784,46 @@ func awsAwsjson10_deserializeDocumentDuplicateItemException(v **types.DuplicateI return nil } +func awsAwsjson10_deserializeDocumentEnableKinesisStreamingConfiguration(v **types.EnableKinesisStreamingConfiguration, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *types.EnableKinesisStreamingConfiguration + if *v == nil { + sv = &types.EnableKinesisStreamingConfiguration{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "ApproximateCreationDateTimePrecision": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected ApproximateCreationDateTimePrecision to be of type string, got %T instead", value) + } + sv.ApproximateCreationDateTimePrecision = types.ApproximateCreationDateTimePrecision(jtv) + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + func awsAwsjson10_deserializeDocumentEndpoint(v **types.Endpoint, value interface{}) error { if v == nil { return fmt.Errorf("unexpected nil of type %T", v) @@ -12184,6 +12347,15 @@ func awsAwsjson10_deserializeDocumentKinesisDataStreamDestination(v **types.Kine for key, value := range shape { switch key { + case "ApproximateCreationDateTimePrecision": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected ApproximateCreationDateTimePrecision to be of type string, got %T instead", value) + } + sv.ApproximateCreationDateTimePrecision = types.ApproximateCreationDateTimePrecision(jtv) + } + case "DestinationStatus": if value != nil { jtv, ok := value.(string) @@ -15487,6 +15659,46 @@ func awsAwsjson10_deserializeDocumentTransactionInProgressException(v **types.Tr return nil } +func awsAwsjson10_deserializeDocumentUpdateKinesisStreamingConfiguration(v **types.UpdateKinesisStreamingConfiguration, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *types.UpdateKinesisStreamingConfiguration + if *v == nil { + sv = &types.UpdateKinesisStreamingConfiguration{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "ApproximateCreationDateTimePrecision": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected ApproximateCreationDateTimePrecision to be of type string, got %T instead", value) + } + sv.ApproximateCreationDateTimePrecision = types.ApproximateCreationDateTimePrecision(jtv) + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + func awsAwsjson10_deserializeDocumentWriteRequest(v **types.WriteRequest, value interface{}) error { if v == nil { return fmt.Errorf("unexpected nil of type %T", v) @@ -16533,6 +16745,11 @@ func awsAwsjson10_deserializeOpDocumentDisableKinesisStreamingDestinationOutput( sv.DestinationStatus = types.DestinationStatus(jtv) } + case "EnableKinesisStreamingConfiguration": + if err := awsAwsjson10_deserializeDocumentEnableKinesisStreamingConfiguration(&sv.EnableKinesisStreamingConfiguration, value); err != nil { + return err + } + case "StreamArn": if value != nil { jtv, ok := value.(string) @@ -16591,6 +16808,11 @@ func awsAwsjson10_deserializeOpDocumentEnableKinesisStreamingDestinationOutput(v sv.DestinationStatus = types.DestinationStatus(jtv) } + case "EnableKinesisStreamingConfiguration": + if err := awsAwsjson10_deserializeDocumentEnableKinesisStreamingConfiguration(&sv.EnableKinesisStreamingConfiguration, value); err != nil { + return err + } + case "StreamArn": if value != nil { jtv, ok := value.(string) @@ -17707,6 +17929,69 @@ func awsAwsjson10_deserializeOpDocumentUpdateItemOutput(v **UpdateItemOutput, va return nil } +func awsAwsjson10_deserializeOpDocumentUpdateKinesisStreamingDestinationOutput(v **UpdateKinesisStreamingDestinationOutput, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *UpdateKinesisStreamingDestinationOutput + if *v == nil { + sv = &UpdateKinesisStreamingDestinationOutput{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "DestinationStatus": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected DestinationStatus to be of type string, got %T instead", value) + } + sv.DestinationStatus = types.DestinationStatus(jtv) + } + + case "StreamArn": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected StreamArn to be of type string, got %T instead", value) + } + sv.StreamArn = ptr.String(jtv) + } + + case "TableName": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected TableName to be of type string, got %T instead", value) + } + sv.TableName = ptr.String(jtv) + } + + case "UpdateKinesisStreamingConfiguration": + if err := awsAwsjson10_deserializeDocumentUpdateKinesisStreamingConfiguration(&sv.UpdateKinesisStreamingConfiguration, value); err != nil { + return err + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + func awsAwsjson10_deserializeOpDocumentUpdateTableOutput(v **UpdateTableOutput, value interface{}) error { if v == nil { return fmt.Errorf("unexpected nil of type %T", v) diff --git a/service/dynamodb/endpoints.go b/service/dynamodb/endpoints.go index 2b62d559bc9..a750cef35aa 100644 --- a/service/dynamodb/endpoints.go +++ b/service/dynamodb/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -489,7 +490,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -518,6 +519,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -528,7 +532,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/dynamodb/generated.json b/service/dynamodb/generated.json index 7043e391d65..215c30f52ab 100644 --- a/service/dynamodb/generated.json +++ b/service/dynamodb/generated.json @@ -62,6 +62,7 @@ "api_op_UpdateGlobalTable.go", "api_op_UpdateGlobalTableSettings.go", "api_op_UpdateItem.go", + "api_op_UpdateKinesisStreamingDestination.go", "api_op_UpdateTable.go", "api_op_UpdateTableReplicaAutoScaling.go", "api_op_UpdateTimeToLive.go", diff --git a/service/dynamodb/options.go b/service/dynamodb/options.go index bf88e3b7635..58dc0d91eec 100644 --- a/service/dynamodb/options.go +++ b/service/dynamodb/options.go @@ -5,6 +5,7 @@ package dynamodb import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/dynamodb/serializers.go b/service/dynamodb/serializers.go index 0317bd60ff7..833253c9199 100644 --- a/service/dynamodb/serializers.go +++ b/service/dynamodb/serializers.go @@ -2767,6 +2767,61 @@ func (m *awsAwsjson10_serializeOpUpdateItem) HandleSerialize(ctx context.Context return next.HandleSerialize(ctx, in) } +type awsAwsjson10_serializeOpUpdateKinesisStreamingDestination struct { +} + +func (*awsAwsjson10_serializeOpUpdateKinesisStreamingDestination) ID() string { + return "OperationSerializer" +} + +func (m *awsAwsjson10_serializeOpUpdateKinesisStreamingDestination) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( + out middleware.SerializeOutput, metadata middleware.Metadata, err error, +) { + request, ok := in.Request.(*smithyhttp.Request) + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} + } + + input, ok := in.Parameters.(*UpdateKinesisStreamingDestinationInput) + _ = input + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} + } + + operationPath := "/" + if len(request.Request.URL.Path) == 0 { + request.Request.URL.Path = operationPath + } else { + request.Request.URL.Path = path.Join(request.Request.URL.Path, operationPath) + if request.Request.URL.Path != "/" && operationPath[len(operationPath)-1] == '/' { + request.Request.URL.Path += "/" + } + } + request.Request.Method = "POST" + httpBindingEncoder, err := httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) + if err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + httpBindingEncoder.SetHeader("Content-Type").String("application/x-amz-json-1.0") + httpBindingEncoder.SetHeader("X-Amz-Target").String("DynamoDB_20120810.UpdateKinesisStreamingDestination") + + jsonEncoder := smithyjson.NewEncoder() + if err := awsAwsjson10_serializeOpDocumentUpdateKinesisStreamingDestinationInput(input, jsonEncoder.Value); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request.Request, err = httpBindingEncoder.Encode(request.Request); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + in.Request = request + + return next.HandleSerialize(ctx, in) +} + type awsAwsjson10_serializeOpUpdateTable struct { } @@ -3515,6 +3570,18 @@ func awsAwsjson10_serializeDocumentDeleteRequest(v *types.DeleteRequest, value s return nil } +func awsAwsjson10_serializeDocumentEnableKinesisStreamingConfiguration(v *types.EnableKinesisStreamingConfiguration, value smithyjson.Value) error { + object := value.Object() + defer object.Close() + + if len(v.ApproximateCreationDateTimePrecision) > 0 { + ok := object.Key("ApproximateCreationDateTimePrecision") + ok.String(string(v.ApproximateCreationDateTimePrecision)) + } + + return nil +} + func awsAwsjson10_serializeDocumentExpectedAttributeMap(v map[string]types.ExpectedAttributeValue, value smithyjson.Value) error { object := value.Object() defer object.Close() @@ -4843,6 +4910,18 @@ func awsAwsjson10_serializeDocumentUpdateGlobalSecondaryIndexAction(v *types.Upd return nil } +func awsAwsjson10_serializeDocumentUpdateKinesisStreamingConfiguration(v *types.UpdateKinesisStreamingConfiguration, value smithyjson.Value) error { + object := value.Object() + defer object.Close() + + if len(v.ApproximateCreationDateTimePrecision) > 0 { + ok := object.Key("ApproximateCreationDateTimePrecision") + ok.String(string(v.ApproximateCreationDateTimePrecision)) + } + + return nil +} + func awsAwsjson10_serializeDocumentUpdateReplicationGroupMemberAction(v *types.UpdateReplicationGroupMemberAction, value smithyjson.Value) error { object := value.Object() defer object.Close() @@ -5343,6 +5422,13 @@ func awsAwsjson10_serializeOpDocumentDisableKinesisStreamingDestinationInput(v * object := value.Object() defer object.Close() + if v.EnableKinesisStreamingConfiguration != nil { + ok := object.Key("EnableKinesisStreamingConfiguration") + if err := awsAwsjson10_serializeDocumentEnableKinesisStreamingConfiguration(v.EnableKinesisStreamingConfiguration, ok); err != nil { + return err + } + } + if v.StreamArn != nil { ok := object.Key("StreamArn") ok.String(*v.StreamArn) @@ -5360,6 +5446,13 @@ func awsAwsjson10_serializeOpDocumentEnableKinesisStreamingDestinationInput(v *E object := value.Object() defer object.Close() + if v.EnableKinesisStreamingConfiguration != nil { + ok := object.Key("EnableKinesisStreamingConfiguration") + if err := awsAwsjson10_serializeDocumentEnableKinesisStreamingConfiguration(v.EnableKinesisStreamingConfiguration, ok); err != nil { + return err + } + } + if v.StreamArn != nil { ok := object.Key("StreamArn") ok.String(*v.StreamArn) @@ -6412,6 +6505,30 @@ func awsAwsjson10_serializeOpDocumentUpdateItemInput(v *UpdateItemInput, value s return nil } +func awsAwsjson10_serializeOpDocumentUpdateKinesisStreamingDestinationInput(v *UpdateKinesisStreamingDestinationInput, value smithyjson.Value) error { + object := value.Object() + defer object.Close() + + if v.StreamArn != nil { + ok := object.Key("StreamArn") + ok.String(*v.StreamArn) + } + + if v.TableName != nil { + ok := object.Key("TableName") + ok.String(*v.TableName) + } + + if v.UpdateKinesisStreamingConfiguration != nil { + ok := object.Key("UpdateKinesisStreamingConfiguration") + if err := awsAwsjson10_serializeDocumentUpdateKinesisStreamingConfiguration(v.UpdateKinesisStreamingConfiguration, ok); err != nil { + return err + } + } + + return nil +} + func awsAwsjson10_serializeOpDocumentUpdateTableInput(v *UpdateTableInput, value smithyjson.Value) error { object := value.Object() defer object.Close() diff --git a/service/dynamodb/types/enums.go b/service/dynamodb/types/enums.go index a603b3406ef..ec617f936bd 100644 --- a/service/dynamodb/types/enums.go +++ b/service/dynamodb/types/enums.go @@ -2,6 +2,25 @@ package types +type ApproximateCreationDateTimePrecision string + +// Enum values for ApproximateCreationDateTimePrecision +const ( + ApproximateCreationDateTimePrecisionMillisecond ApproximateCreationDateTimePrecision = "MILLISECOND" + ApproximateCreationDateTimePrecisionMicrosecond ApproximateCreationDateTimePrecision = "MICROSECOND" +) + +// Values returns all known values for ApproximateCreationDateTimePrecision. Note +// that this can be expanded in the future, and so it is only as up to date as the +// client. The ordering of this slice is not guaranteed to be stable across +// updates. +func (ApproximateCreationDateTimePrecision) Values() []ApproximateCreationDateTimePrecision { + return []ApproximateCreationDateTimePrecision{ + "MILLISECOND", + "MICROSECOND", + } +} + type AttributeAction string // Enum values for AttributeAction @@ -265,6 +284,7 @@ const ( DestinationStatusDisabling DestinationStatus = "DISABLING" DestinationStatusDisabled DestinationStatus = "DISABLED" DestinationStatusEnableFailed DestinationStatus = "ENABLE_FAILED" + DestinationStatusUpdating DestinationStatus = "UPDATING" ) // Values returns all known values for DestinationStatus. Note that this can be @@ -277,6 +297,7 @@ func (DestinationStatus) Values() []DestinationStatus { "DISABLING", "DISABLED", "ENABLE_FAILED", + "UPDATING", } } diff --git a/service/dynamodb/types/types.go b/service/dynamodb/types/types.go index 037de7ce4c0..ce38bd1f41d 100644 --- a/service/dynamodb/types/types.go +++ b/service/dynamodb/types/types.go @@ -975,6 +975,16 @@ type DeleteRequest struct { noSmithyDocumentSerde } +// Enables setting the configuration for Kinesis Streaming. +type EnableKinesisStreamingConfiguration struct { + + // Toggle for the precision of Kinesis data stream timestamp. The values are + // either MILLISECOND or MICROSECOND . + ApproximateCreationDateTimePrecision ApproximateCreationDateTimePrecision + + noSmithyDocumentSerde +} + // An endpoint information details. type Endpoint struct { @@ -1775,6 +1785,10 @@ type KeySchemaElement struct { // Describes a Kinesis data stream destination. type KinesisDataStreamDestination struct { + // The precision of the Kinesis data stream timestamp. The values are either + // MILLISECOND or MICROSECOND . + ApproximateCreationDateTimePrecision ApproximateCreationDateTimePrecision + // The current status of replication. DestinationStatus DestinationStatus @@ -1886,10 +1900,10 @@ type LocalSecondaryIndexInfo struct { noSmithyDocumentSerde } -// Represents a PartiQL statment that uses parameters. +// Represents a PartiQL statement that uses parameters. type ParameterizedStatement struct { - // A PartiQL statment that uses parameters. + // A PartiQL statement that uses parameters. // // This member is required. Statement *string @@ -3016,6 +3030,15 @@ type UpdateGlobalSecondaryIndexAction struct { noSmithyDocumentSerde } +// Enables updating the configuration for Kinesis Streaming. +type UpdateKinesisStreamingConfiguration struct { + + // Enables updating the precision of Kinesis data stream timestamp. + ApproximateCreationDateTimePrecision ApproximateCreationDateTimePrecision + + noSmithyDocumentSerde +} + // Represents a replica to be modified. type UpdateReplicationGroupMemberAction struct { diff --git a/service/dynamodb/validators.go b/service/dynamodb/validators.go index 1c76f46d976..4762e130283 100644 --- a/service/dynamodb/validators.go +++ b/service/dynamodb/validators.go @@ -850,6 +850,26 @@ func (m *validateOpUpdateItem) HandleInitialize(ctx context.Context, in middlewa return next.HandleInitialize(ctx, in) } +type validateOpUpdateKinesisStreamingDestination struct { +} + +func (*validateOpUpdateKinesisStreamingDestination) ID() string { + return "OperationInputValidation" +} + +func (m *validateOpUpdateKinesisStreamingDestination) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, +) { + input, ok := in.Parameters.(*UpdateKinesisStreamingDestinationInput) + if !ok { + return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) + } + if err := validateOpUpdateKinesisStreamingDestinationInput(input); err != nil { + return out, metadata, err + } + return next.HandleInitialize(ctx, in) +} + type validateOpUpdateTable struct { } @@ -1078,6 +1098,10 @@ func addOpUpdateItemValidationMiddleware(stack *middleware.Stack) error { return stack.Initialize.Add(&validateOpUpdateItem{}, middleware.After) } +func addOpUpdateKinesisStreamingDestinationValidationMiddleware(stack *middleware.Stack) error { + return stack.Initialize.Add(&validateOpUpdateKinesisStreamingDestination{}, middleware.After) +} + func addOpUpdateTableValidationMiddleware(stack *middleware.Stack) error { return stack.Initialize.Add(&validateOpUpdateTable{}, middleware.After) } @@ -3231,6 +3255,24 @@ func validateOpUpdateItemInput(v *UpdateItemInput) error { } } +func validateOpUpdateKinesisStreamingDestinationInput(v *UpdateKinesisStreamingDestinationInput) error { + if v == nil { + return nil + } + invalidParams := smithy.InvalidParamsError{Context: "UpdateKinesisStreamingDestinationInput"} + if v.TableName == nil { + invalidParams.Add(smithy.NewErrParamRequired("TableName")) + } + if v.StreamArn == nil { + invalidParams.Add(smithy.NewErrParamRequired("StreamArn")) + } + if invalidParams.Len() > 0 { + return invalidParams + } else { + return nil + } +} + func validateOpUpdateTableInput(v *UpdateTableInput) error { if v == nil { return nil diff --git a/service/dynamodbstreams/api_client.go b/service/dynamodbstreams/api_client.go index 5bb9b0dc4b0..cc47bc65c0a 100644 --- a/service/dynamodbstreams/api_client.go +++ b/service/dynamodbstreams/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/dynamodbstreams/auth.go b/service/dynamodbstreams/auth.go index 25738f652c9..81cf2256864 100644 --- a/service/dynamodbstreams/auth.go +++ b/service/dynamodbstreams/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/dynamodbstreams/endpoints.go b/service/dynamodbstreams/endpoints.go index 519bd70800a..b04bf2f2cd6 100644 --- a/service/dynamodbstreams/endpoints.go +++ b/service/dynamodbstreams/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -584,7 +585,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -613,6 +614,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -623,7 +627,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/dynamodbstreams/options.go b/service/dynamodbstreams/options.go index 6304b262f06..cef37cd6ea2 100644 --- a/service/dynamodbstreams/options.go +++ b/service/dynamodbstreams/options.go @@ -5,6 +5,7 @@ package dynamodbstreams import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ebs/api_client.go b/service/ebs/api_client.go index 1158ab14ff0..a4e9421d04c 100644 --- a/service/ebs/api_client.go +++ b/service/ebs/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/ebs/auth.go b/service/ebs/auth.go index a32582f7732..10eb91b3d92 100644 --- a/service/ebs/auth.go +++ b/service/ebs/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -160,7 +160,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ebs/endpoints.go b/service/ebs/endpoints.go index 2edafb84c22..7116ab4d35d 100644 --- a/service/ebs/endpoints.go +++ b/service/ebs/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ebs/options.go b/service/ebs/options.go index f36c486c948..be7bd686d40 100644 --- a/service/ebs/options.go +++ b/service/ebs/options.go @@ -5,6 +5,7 @@ package ebs import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ec2/api_client.go b/service/ec2/api_client.go index 84365b955b0..a6696964f7f 100644 --- a/service/ec2/api_client.go +++ b/service/ec2/api_client.go @@ -237,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/ec2/auth.go b/service/ec2/auth.go index 2e29d836bcc..00b179290e1 100644 --- a/service/ec2/auth.go +++ b/service/ec2/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ec2/endpoints.go b/service/ec2/endpoints.go index 6423ebf2234..f310437ce13 100644 --- a/service/ec2/endpoints.go +++ b/service/ec2/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -458,7 +459,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -487,6 +488,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ec2/options.go b/service/ec2/options.go index 37cb69d205f..ac8f55e04f6 100644 --- a/service/ec2/options.go +++ b/service/ec2/options.go @@ -5,6 +5,7 @@ package ec2 import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ec2instanceconnect/api_client.go b/service/ec2instanceconnect/api_client.go index 7ff6311ca28..dcb38d9c1f1 100644 --- a/service/ec2instanceconnect/api_client.go +++ b/service/ec2instanceconnect/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/ec2instanceconnect/auth.go b/service/ec2instanceconnect/auth.go index 024c19c37e2..c7baaf1dd3c 100644 --- a/service/ec2instanceconnect/auth.go +++ b/service/ec2instanceconnect/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ec2instanceconnect/endpoints.go b/service/ec2instanceconnect/endpoints.go index a3a37243e0b..a590e51250a 100644 --- a/service/ec2instanceconnect/endpoints.go +++ b/service/ec2instanceconnect/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ec2instanceconnect/options.go b/service/ec2instanceconnect/options.go index 2816b454b5d..da26ef03f59 100644 --- a/service/ec2instanceconnect/options.go +++ b/service/ec2instanceconnect/options.go @@ -5,6 +5,7 @@ package ec2instanceconnect import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ecr/api_client.go b/service/ecr/api_client.go index f74882130ee..ca021b2a7fa 100644 --- a/service/ecr/api_client.go +++ b/service/ecr/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/ecr/auth.go b/service/ecr/auth.go index 86ba7edf6b8..a8ba503b9c2 100644 --- a/service/ecr/auth.go +++ b/service/ecr/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ecr/endpoints.go b/service/ecr/endpoints.go index b928bb088ec..48974554c3e 100644 --- a/service/ecr/endpoints.go +++ b/service/ecr/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -477,7 +478,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -506,6 +507,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -516,7 +520,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ecr/options.go b/service/ecr/options.go index 0de783e381c..3facb8a3be0 100644 --- a/service/ecr/options.go +++ b/service/ecr/options.go @@ -5,6 +5,7 @@ package ecr import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ecrpublic/api_client.go b/service/ecrpublic/api_client.go index a9e71d814a1..9b31863eaa7 100644 --- a/service/ecrpublic/api_client.go +++ b/service/ecrpublic/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/ecrpublic/auth.go b/service/ecrpublic/auth.go index 80729fbc78a..c7feeb8c629 100644 --- a/service/ecrpublic/auth.go +++ b/service/ecrpublic/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ecrpublic/endpoints.go b/service/ecrpublic/endpoints.go index 6e2c49c79b8..e5438d44420 100644 --- a/service/ecrpublic/endpoints.go +++ b/service/ecrpublic/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ecrpublic/options.go b/service/ecrpublic/options.go index 2845b43a8dd..10896c9d06c 100644 --- a/service/ecrpublic/options.go +++ b/service/ecrpublic/options.go @@ -5,6 +5,7 @@ package ecrpublic import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ecs/api_client.go b/service/ecs/api_client.go index 93f29da2d20..52cf0dcda47 100644 --- a/service/ecs/api_client.go +++ b/service/ecs/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/ecs/auth.go b/service/ecs/auth.go index 5aa04a20db8..55765b24d16 100644 --- a/service/ecs/auth.go +++ b/service/ecs/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ecs/endpoints.go b/service/ecs/endpoints.go index 16fb79b6631..08347e005e8 100644 --- a/service/ecs/endpoints.go +++ b/service/ecs/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ecs/options.go b/service/ecs/options.go index 9ecc7a35755..ad65aaa6b30 100644 --- a/service/ecs/options.go +++ b/service/ecs/options.go @@ -5,6 +5,7 @@ package ecs import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/efs/api_client.go b/service/efs/api_client.go index f066b2f68eb..4426a4ac401 100644 --- a/service/efs/api_client.go +++ b/service/efs/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/efs/auth.go b/service/efs/auth.go index f5d2e317fcd..2de8e610f89 100644 --- a/service/efs/auth.go +++ b/service/efs/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/efs/endpoints.go b/service/efs/endpoints.go index 01698ef70b8..cef902e67fc 100644 --- a/service/efs/endpoints.go +++ b/service/efs/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/efs/options.go b/service/efs/options.go index 069a24e4a55..563f0a06e1c 100644 --- a/service/efs/options.go +++ b/service/efs/options.go @@ -5,6 +5,7 @@ package efs import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/eks/api_client.go b/service/eks/api_client.go index f7bcc7c3d8a..e0d0f1e2331 100644 --- a/service/eks/api_client.go +++ b/service/eks/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/eks/auth.go b/service/eks/auth.go index 8de3011f101..9995c5d49fa 100644 --- a/service/eks/auth.go +++ b/service/eks/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/eks/endpoints.go b/service/eks/endpoints.go index 166f800fd0b..7a7f25d32a8 100644 --- a/service/eks/endpoints.go +++ b/service/eks/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -477,7 +478,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -506,6 +507,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -516,7 +520,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/eks/options.go b/service/eks/options.go index 631a8c6e949..a4fcf6378a1 100644 --- a/service/eks/options.go +++ b/service/eks/options.go @@ -5,6 +5,7 @@ package eks import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/eksauth/api_client.go b/service/eksauth/api_client.go index aef6d70c767..30d355567be 100644 --- a/service/eksauth/api_client.go +++ b/service/eksauth/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/eksauth/auth.go b/service/eksauth/auth.go index a1ce44f9076..b0ea195159f 100644 --- a/service/eksauth/auth.go +++ b/service/eksauth/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/eksauth/endpoints.go b/service/eksauth/endpoints.go index 3003c7a6536..635f3f1f417 100644 --- a/service/eksauth/endpoints.go +++ b/service/eksauth/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -411,7 +412,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -439,6 +440,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -449,7 +453,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/eksauth/options.go b/service/eksauth/options.go index 9332828cd7b..cbd3588ca85 100644 --- a/service/eksauth/options.go +++ b/service/eksauth/options.go @@ -5,6 +5,7 @@ package eksauth import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/elasticache/api_client.go b/service/elasticache/api_client.go index a2134c011db..6c707dcfdac 100644 --- a/service/elasticache/api_client.go +++ b/service/elasticache/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/elasticache/auth.go b/service/elasticache/auth.go index fbd7f6111aa..d551db96f6b 100644 --- a/service/elasticache/auth.go +++ b/service/elasticache/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/elasticache/endpoints.go b/service/elasticache/endpoints.go index f7ea773f892..73bf6c98270 100644 --- a/service/elasticache/endpoints.go +++ b/service/elasticache/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -458,7 +459,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -487,6 +488,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/elasticache/options.go b/service/elasticache/options.go index 8ff05b5d872..edec2addd8a 100644 --- a/service/elasticache/options.go +++ b/service/elasticache/options.go @@ -5,6 +5,7 @@ package elasticache import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/elasticbeanstalk/api_client.go b/service/elasticbeanstalk/api_client.go index de60613ee01..2bde8ad7d79 100644 --- a/service/elasticbeanstalk/api_client.go +++ b/service/elasticbeanstalk/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/elasticbeanstalk/auth.go b/service/elasticbeanstalk/auth.go index cb63dd48eb6..2c8c2bbfdf2 100644 --- a/service/elasticbeanstalk/auth.go +++ b/service/elasticbeanstalk/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/elasticbeanstalk/endpoints.go b/service/elasticbeanstalk/endpoints.go index 1388e2d9713..eb264637191 100644 --- a/service/elasticbeanstalk/endpoints.go +++ b/service/elasticbeanstalk/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -458,7 +459,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -487,6 +488,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/elasticbeanstalk/options.go b/service/elasticbeanstalk/options.go index 556136385fd..c60f3bbf785 100644 --- a/service/elasticbeanstalk/options.go +++ b/service/elasticbeanstalk/options.go @@ -5,6 +5,7 @@ package elasticbeanstalk import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/elasticinference/api_client.go b/service/elasticinference/api_client.go index e295a0ba91f..9d856c709db 100644 --- a/service/elasticinference/api_client.go +++ b/service/elasticinference/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/elasticinference/auth.go b/service/elasticinference/auth.go index 46398517c62..185b9e2336a 100644 --- a/service/elasticinference/auth.go +++ b/service/elasticinference/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/elasticinference/endpoints.go b/service/elasticinference/endpoints.go index a3c58547aa1..2bfc33c5a19 100644 --- a/service/elasticinference/endpoints.go +++ b/service/elasticinference/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/elasticinference/options.go b/service/elasticinference/options.go index a85a7dd5a28..0137fe5b45c 100644 --- a/service/elasticinference/options.go +++ b/service/elasticinference/options.go @@ -5,6 +5,7 @@ package elasticinference import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/elasticloadbalancing/api_client.go b/service/elasticloadbalancing/api_client.go index 27ea617cd76..9a15f9c365c 100644 --- a/service/elasticloadbalancing/api_client.go +++ b/service/elasticloadbalancing/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/elasticloadbalancing/auth.go b/service/elasticloadbalancing/auth.go index b337a92f47e..3eadd2bfc7f 100644 --- a/service/elasticloadbalancing/auth.go +++ b/service/elasticloadbalancing/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/elasticloadbalancing/endpoints.go b/service/elasticloadbalancing/endpoints.go index 8244497d310..8b4f9683d2b 100644 --- a/service/elasticloadbalancing/endpoints.go +++ b/service/elasticloadbalancing/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -458,7 +459,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -487,6 +488,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/elasticloadbalancing/options.go b/service/elasticloadbalancing/options.go index e727763ea75..8cf198aad01 100644 --- a/service/elasticloadbalancing/options.go +++ b/service/elasticloadbalancing/options.go @@ -5,6 +5,7 @@ package elasticloadbalancing import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/elasticloadbalancingv2/api_client.go b/service/elasticloadbalancingv2/api_client.go index a15c94adb83..974a88c399b 100644 --- a/service/elasticloadbalancingv2/api_client.go +++ b/service/elasticloadbalancingv2/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/elasticloadbalancingv2/auth.go b/service/elasticloadbalancingv2/auth.go index 88459c677f4..a2619bc6778 100644 --- a/service/elasticloadbalancingv2/auth.go +++ b/service/elasticloadbalancingv2/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/elasticloadbalancingv2/endpoints.go b/service/elasticloadbalancingv2/endpoints.go index 4dd1b2f905d..e70917da206 100644 --- a/service/elasticloadbalancingv2/endpoints.go +++ b/service/elasticloadbalancingv2/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -458,7 +459,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -487,6 +488,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/elasticloadbalancingv2/options.go b/service/elasticloadbalancingv2/options.go index 8d973890d08..65412cc105f 100644 --- a/service/elasticloadbalancingv2/options.go +++ b/service/elasticloadbalancingv2/options.go @@ -5,6 +5,7 @@ package elasticloadbalancingv2 import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/elasticsearchservice/api_client.go b/service/elasticsearchservice/api_client.go index 9e58807ddfa..7a5595392f4 100644 --- a/service/elasticsearchservice/api_client.go +++ b/service/elasticsearchservice/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/elasticsearchservice/auth.go b/service/elasticsearchservice/auth.go index 15fe8b011f2..8752ee07ff9 100644 --- a/service/elasticsearchservice/auth.go +++ b/service/elasticsearchservice/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/elasticsearchservice/endpoints.go b/service/elasticsearchservice/endpoints.go index 9dfee48a030..b464937464a 100644 --- a/service/elasticsearchservice/endpoints.go +++ b/service/elasticsearchservice/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -496,7 +497,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -525,6 +526,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -535,7 +539,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/elasticsearchservice/options.go b/service/elasticsearchservice/options.go index c3e0bd9f3dc..b224f6d40a7 100644 --- a/service/elasticsearchservice/options.go +++ b/service/elasticsearchservice/options.go @@ -5,6 +5,7 @@ package elasticsearchservice import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/elastictranscoder/api_client.go b/service/elastictranscoder/api_client.go index 7b64bdb4541..63083926363 100644 --- a/service/elastictranscoder/api_client.go +++ b/service/elastictranscoder/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/elastictranscoder/auth.go b/service/elastictranscoder/auth.go index 161aee240ec..e57b7ac5e88 100644 --- a/service/elastictranscoder/auth.go +++ b/service/elastictranscoder/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/elastictranscoder/endpoints.go b/service/elastictranscoder/endpoints.go index 13b2e0dbe36..312065ee00a 100644 --- a/service/elastictranscoder/endpoints.go +++ b/service/elastictranscoder/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/elastictranscoder/options.go b/service/elastictranscoder/options.go index f079c228073..cb4577a4561 100644 --- a/service/elastictranscoder/options.go +++ b/service/elastictranscoder/options.go @@ -5,6 +5,7 @@ package elastictranscoder import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/emr/api_client.go b/service/emr/api_client.go index 52a6ab728c9..11fd81cade1 100644 --- a/service/emr/api_client.go +++ b/service/emr/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/emr/auth.go b/service/emr/auth.go index 163f6cd1c0d..d2721cd7245 100644 --- a/service/emr/auth.go +++ b/service/emr/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/emr/endpoints.go b/service/emr/endpoints.go index 9e1dab4ea3a..e287460e716 100644 --- a/service/emr/endpoints.go +++ b/service/emr/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -458,7 +459,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -487,6 +488,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/emr/options.go b/service/emr/options.go index 1eec3a958dc..196161aef22 100644 --- a/service/emr/options.go +++ b/service/emr/options.go @@ -5,6 +5,7 @@ package emr import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/emrcontainers/api_client.go b/service/emrcontainers/api_client.go index 3756ca2ab46..0cdb8afb137 100644 --- a/service/emrcontainers/api_client.go +++ b/service/emrcontainers/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/emrcontainers/auth.go b/service/emrcontainers/auth.go index 974f9db8255..f0ffb718997 100644 --- a/service/emrcontainers/auth.go +++ b/service/emrcontainers/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/emrcontainers/endpoints.go b/service/emrcontainers/endpoints.go index 886f4987e0b..948a27c2656 100644 --- a/service/emrcontainers/endpoints.go +++ b/service/emrcontainers/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/emrcontainers/options.go b/service/emrcontainers/options.go index 44235eaa69e..614ba4db1a1 100644 --- a/service/emrcontainers/options.go +++ b/service/emrcontainers/options.go @@ -5,6 +5,7 @@ package emrcontainers import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/emrserverless/api_client.go b/service/emrserverless/api_client.go index cc257d7576c..7d8155e4186 100644 --- a/service/emrserverless/api_client.go +++ b/service/emrserverless/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/emrserverless/auth.go b/service/emrserverless/auth.go index deb3f26d0e3..ccbafaf0d8c 100644 --- a/service/emrserverless/auth.go +++ b/service/emrserverless/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/emrserverless/endpoints.go b/service/emrserverless/endpoints.go index 2708c36f9c6..ac3a900efc2 100644 --- a/service/emrserverless/endpoints.go +++ b/service/emrserverless/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/emrserverless/options.go b/service/emrserverless/options.go index 9846f62e8c8..81828dc7fef 100644 --- a/service/emrserverless/options.go +++ b/service/emrserverless/options.go @@ -5,6 +5,7 @@ package emrserverless import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/entityresolution/api_client.go b/service/entityresolution/api_client.go index ba5fb293cf5..d7fcecfb915 100644 --- a/service/entityresolution/api_client.go +++ b/service/entityresolution/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/entityresolution/auth.go b/service/entityresolution/auth.go index 2f84e6c3c1a..43039a08628 100644 --- a/service/entityresolution/auth.go +++ b/service/entityresolution/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/entityresolution/endpoints.go b/service/entityresolution/endpoints.go index 2f8b96ad0e3..65154bd60ad 100644 --- a/service/entityresolution/endpoints.go +++ b/service/entityresolution/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/entityresolution/options.go b/service/entityresolution/options.go index 6ed3e8aa213..5a9fc4c63fb 100644 --- a/service/entityresolution/options.go +++ b/service/entityresolution/options.go @@ -5,6 +5,7 @@ package entityresolution import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/eventbridge/api_client.go b/service/eventbridge/api_client.go index b5da74926ff..96cce448f10 100644 --- a/service/eventbridge/api_client.go +++ b/service/eventbridge/api_client.go @@ -244,15 +244,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/eventbridge/auth.go b/service/eventbridge/auth.go index 5623cfb524d..8041a3dad83 100644 --- a/service/eventbridge/auth.go +++ b/service/eventbridge/auth.go @@ -12,12 +12,12 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } -func bindAuthEndpointParams(params *AuthResolverParameters, input interface{}, options Options) { - params.endpointParams = bindEndpointParams(input, options) +func bindAuthEndpointParams(params *AuthResolverParameters, input interface{}, options Options, ctx context.Context) { + params.endpointParams = bindEndpointParams(input, options, ctx) } type setLegacyContextSigningOptionsMiddleware struct { @@ -98,13 +98,13 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthEndpointParams(params, input, options) - bindAuthParamsRegion(params, input, options) + bindAuthEndpointParams(params, input, options, ctx) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -164,7 +164,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/eventbridge/endpoints.go b/service/eventbridge/endpoints.go index f79efc60d97..ec40e7872b0 100644 --- a/service/eventbridge/endpoints.go +++ b/service/eventbridge/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -597,7 +598,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -626,6 +627,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -636,7 +640,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/eventbridge/options.go b/service/eventbridge/options.go index 8784fd46d99..2840e5d15ed 100644 --- a/service/eventbridge/options.go +++ b/service/eventbridge/options.go @@ -6,6 +6,7 @@ import ( "context" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" "github.com/aws/aws-sdk-go-v2/internal/v4a" @@ -26,6 +27,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/evidently/api_client.go b/service/evidently/api_client.go index aed8455a685..2a68d9c2846 100644 --- a/service/evidently/api_client.go +++ b/service/evidently/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/evidently/auth.go b/service/evidently/auth.go index 3a8a8a429f7..a0bb5e75d35 100644 --- a/service/evidently/auth.go +++ b/service/evidently/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/evidently/endpoints.go b/service/evidently/endpoints.go index 8755aaafec4..8bb5b89d078 100644 --- a/service/evidently/endpoints.go +++ b/service/evidently/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/evidently/options.go b/service/evidently/options.go index d48d85e5264..09f918d8d95 100644 --- a/service/evidently/options.go +++ b/service/evidently/options.go @@ -5,6 +5,7 @@ package evidently import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/finspace/api_client.go b/service/finspace/api_client.go index 486a6799118..32d446534b1 100644 --- a/service/finspace/api_client.go +++ b/service/finspace/api_client.go @@ -235,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/finspace/auth.go b/service/finspace/auth.go index 6095c338a3e..718bccd93c3 100644 --- a/service/finspace/auth.go +++ b/service/finspace/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/finspace/endpoints.go b/service/finspace/endpoints.go index 8544bc049cc..8a68e154960 100644 --- a/service/finspace/endpoints.go +++ b/service/finspace/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/finspace/options.go b/service/finspace/options.go index d05e3f637db..62fe9054e20 100644 --- a/service/finspace/options.go +++ b/service/finspace/options.go @@ -5,6 +5,7 @@ package finspace import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/finspacedata/api_client.go b/service/finspacedata/api_client.go index f845e2efab4..6da52ebea2f 100644 --- a/service/finspacedata/api_client.go +++ b/service/finspacedata/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/finspacedata/auth.go b/service/finspacedata/auth.go index cd1251577e0..48acceefc52 100644 --- a/service/finspacedata/auth.go +++ b/service/finspacedata/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/finspacedata/endpoints.go b/service/finspacedata/endpoints.go index be4297ded9f..7968f6ce183 100644 --- a/service/finspacedata/endpoints.go +++ b/service/finspacedata/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/finspacedata/options.go b/service/finspacedata/options.go index ce1e20d6833..16835bddbf3 100644 --- a/service/finspacedata/options.go +++ b/service/finspacedata/options.go @@ -5,6 +5,7 @@ package finspacedata import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/firehose/api_client.go b/service/firehose/api_client.go index b82b5493162..a3b9dd7f3b9 100644 --- a/service/firehose/api_client.go +++ b/service/firehose/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/firehose/auth.go b/service/firehose/auth.go index 7481cb66ed5..c7cb55dffc7 100644 --- a/service/firehose/auth.go +++ b/service/firehose/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/firehose/endpoints.go b/service/firehose/endpoints.go index eb0a926e753..0c260bbaeee 100644 --- a/service/firehose/endpoints.go +++ b/service/firehose/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/firehose/options.go b/service/firehose/options.go index 3cd93b7b433..29ea67d8e39 100644 --- a/service/firehose/options.go +++ b/service/firehose/options.go @@ -5,6 +5,7 @@ package firehose import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/fis/api_client.go b/service/fis/api_client.go index 33f8df0c913..b0c559248e3 100644 --- a/service/fis/api_client.go +++ b/service/fis/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/fis/auth.go b/service/fis/auth.go index 1fdfb6d6b58..c69a3010fcc 100644 --- a/service/fis/auth.go +++ b/service/fis/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/fis/endpoints.go b/service/fis/endpoints.go index 6ee556216c9..86faa495004 100644 --- a/service/fis/endpoints.go +++ b/service/fis/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -458,7 +459,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -487,6 +488,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/fis/options.go b/service/fis/options.go index 0e200e39066..e00ee31d151 100644 --- a/service/fis/options.go +++ b/service/fis/options.go @@ -5,6 +5,7 @@ package fis import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/fms/api_client.go b/service/fms/api_client.go index dc13905d692..9d14c28544f 100644 --- a/service/fms/api_client.go +++ b/service/fms/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/fms/auth.go b/service/fms/auth.go index 2e5e9adeebb..c16c72a28f8 100644 --- a/service/fms/auth.go +++ b/service/fms/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/fms/endpoints.go b/service/fms/endpoints.go index e062464a0a8..f3d38164777 100644 --- a/service/fms/endpoints.go +++ b/service/fms/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/fms/options.go b/service/fms/options.go index 2105e2eabb0..4c0c4394958 100644 --- a/service/fms/options.go +++ b/service/fms/options.go @@ -5,6 +5,7 @@ package fms import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/forecast/api_client.go b/service/forecast/api_client.go index ea72a0e3fbf..d2a75b2718b 100644 --- a/service/forecast/api_client.go +++ b/service/forecast/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/forecast/auth.go b/service/forecast/auth.go index b8aab0c76bf..4aa95fc0259 100644 --- a/service/forecast/auth.go +++ b/service/forecast/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/forecast/endpoints.go b/service/forecast/endpoints.go index 7c2a1805524..a91d0e0635e 100644 --- a/service/forecast/endpoints.go +++ b/service/forecast/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/forecast/options.go b/service/forecast/options.go index 0cbc85cecd7..df8aecb19f9 100644 --- a/service/forecast/options.go +++ b/service/forecast/options.go @@ -5,6 +5,7 @@ package forecast import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/forecastquery/api_client.go b/service/forecastquery/api_client.go index 7da40e8caed..501ae334d47 100644 --- a/service/forecastquery/api_client.go +++ b/service/forecastquery/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/forecastquery/auth.go b/service/forecastquery/auth.go index f0bce8c4315..4e2dd83d5d6 100644 --- a/service/forecastquery/auth.go +++ b/service/forecastquery/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/forecastquery/endpoints.go b/service/forecastquery/endpoints.go index 68a4b64dcbc..c625bf8ab78 100644 --- a/service/forecastquery/endpoints.go +++ b/service/forecastquery/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/forecastquery/options.go b/service/forecastquery/options.go index bfd8c7ed464..681f916fef4 100644 --- a/service/forecastquery/options.go +++ b/service/forecastquery/options.go @@ -5,6 +5,7 @@ package forecastquery import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/frauddetector/api_client.go b/service/frauddetector/api_client.go index b0b690a2d56..4cbfd990e86 100644 --- a/service/frauddetector/api_client.go +++ b/service/frauddetector/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/frauddetector/auth.go b/service/frauddetector/auth.go index 5250dd45969..5f0a891c741 100644 --- a/service/frauddetector/auth.go +++ b/service/frauddetector/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/frauddetector/endpoints.go b/service/frauddetector/endpoints.go index 65604deaad1..0e6ee884a4e 100644 --- a/service/frauddetector/endpoints.go +++ b/service/frauddetector/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/frauddetector/options.go b/service/frauddetector/options.go index 1d2051b056b..c4e1580e4a5 100644 --- a/service/frauddetector/options.go +++ b/service/frauddetector/options.go @@ -5,6 +5,7 @@ package frauddetector import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/freetier/api_client.go b/service/freetier/api_client.go index 19b4c569a04..1adf6f10fb3 100644 --- a/service/freetier/api_client.go +++ b/service/freetier/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/freetier/auth.go b/service/freetier/auth.go index a0ebc6c9548..bd587f40233 100644 --- a/service/freetier/auth.go +++ b/service/freetier/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/freetier/endpoints.go b/service/freetier/endpoints.go index 8e9a6f1a66d..413dc6b0f11 100644 --- a/service/freetier/endpoints.go +++ b/service/freetier/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -524,7 +525,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -552,6 +553,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -562,7 +566,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/freetier/options.go b/service/freetier/options.go index 432e3f85ff0..4b54d0dd3f9 100644 --- a/service/freetier/options.go +++ b/service/freetier/options.go @@ -5,6 +5,7 @@ package freetier import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/fsx/api_client.go b/service/fsx/api_client.go index 4bc87eca7b0..9fd4d67a395 100644 --- a/service/fsx/api_client.go +++ b/service/fsx/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/fsx/auth.go b/service/fsx/auth.go index b76fcc777f7..55797f24e17 100644 --- a/service/fsx/auth.go +++ b/service/fsx/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/fsx/endpoints.go b/service/fsx/endpoints.go index a6c962ce298..2aaaac4e0b9 100644 --- a/service/fsx/endpoints.go +++ b/service/fsx/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/fsx/options.go b/service/fsx/options.go index b5ee9bcef82..2aa8ebc6b2b 100644 --- a/service/fsx/options.go +++ b/service/fsx/options.go @@ -5,6 +5,7 @@ package fsx import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/gamelift/api_client.go b/service/gamelift/api_client.go index 9c91f0d2803..05a53b2964d 100644 --- a/service/gamelift/api_client.go +++ b/service/gamelift/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/gamelift/auth.go b/service/gamelift/auth.go index c94d706bb7e..ca362ac2e28 100644 --- a/service/gamelift/auth.go +++ b/service/gamelift/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/gamelift/endpoints.go b/service/gamelift/endpoints.go index 262afb6915a..af78f04eb1b 100644 --- a/service/gamelift/endpoints.go +++ b/service/gamelift/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/gamelift/options.go b/service/gamelift/options.go index e7f7d52575c..998c8abbf21 100644 --- a/service/gamelift/options.go +++ b/service/gamelift/options.go @@ -5,6 +5,7 @@ package gamelift import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/glacier/api_client.go b/service/glacier/api_client.go index 766f83f35ff..9a093904b0f 100644 --- a/service/glacier/api_client.go +++ b/service/glacier/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/glacier/auth.go b/service/glacier/auth.go index 1717f878207..78b97c182ef 100644 --- a/service/glacier/auth.go +++ b/service/glacier/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/glacier/endpoints.go b/service/glacier/endpoints.go index c35e88f098f..7274f3c2a5e 100644 --- a/service/glacier/endpoints.go +++ b/service/glacier/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -458,7 +459,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -487,6 +488,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/glacier/options.go b/service/glacier/options.go index d2555d6d115..f224cfc1e66 100644 --- a/service/glacier/options.go +++ b/service/glacier/options.go @@ -5,6 +5,7 @@ package glacier import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/globalaccelerator/api_client.go b/service/globalaccelerator/api_client.go index baf05e611d8..840d16f8d2c 100644 --- a/service/globalaccelerator/api_client.go +++ b/service/globalaccelerator/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/globalaccelerator/auth.go b/service/globalaccelerator/auth.go index 4cd6e297d35..8fa7395cb08 100644 --- a/service/globalaccelerator/auth.go +++ b/service/globalaccelerator/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/globalaccelerator/endpoints.go b/service/globalaccelerator/endpoints.go index 5f0c50b4758..9ebca7327f3 100644 --- a/service/globalaccelerator/endpoints.go +++ b/service/globalaccelerator/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/globalaccelerator/options.go b/service/globalaccelerator/options.go index 06c47c2a1c4..b304e5d780d 100644 --- a/service/globalaccelerator/options.go +++ b/service/globalaccelerator/options.go @@ -5,6 +5,7 @@ package globalaccelerator import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/glue/api_client.go b/service/glue/api_client.go index 40bd84bb622..022130bfb9e 100644 --- a/service/glue/api_client.go +++ b/service/glue/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/glue/auth.go b/service/glue/auth.go index e4f837742ce..9e8365d3e0c 100644 --- a/service/glue/auth.go +++ b/service/glue/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/glue/endpoints.go b/service/glue/endpoints.go index e1334664a32..ddb1094b07d 100644 --- a/service/glue/endpoints.go +++ b/service/glue/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/glue/options.go b/service/glue/options.go index 421fb06101a..f632f1e0d93 100644 --- a/service/glue/options.go +++ b/service/glue/options.go @@ -5,6 +5,7 @@ package glue import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/grafana/api_client.go b/service/grafana/api_client.go index 1c53c378a3b..26ecd5d6ba4 100644 --- a/service/grafana/api_client.go +++ b/service/grafana/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/grafana/auth.go b/service/grafana/auth.go index 336ae476fb6..b5c66d2c6d6 100644 --- a/service/grafana/auth.go +++ b/service/grafana/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/grafana/endpoints.go b/service/grafana/endpoints.go index 4f7a7328bea..d8447a58310 100644 --- a/service/grafana/endpoints.go +++ b/service/grafana/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/grafana/options.go b/service/grafana/options.go index 07343295723..bbc5ceb8680 100644 --- a/service/grafana/options.go +++ b/service/grafana/options.go @@ -5,6 +5,7 @@ package grafana import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/greengrass/api_client.go b/service/greengrass/api_client.go index 7239e78f5d1..e69f081f5a8 100644 --- a/service/greengrass/api_client.go +++ b/service/greengrass/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/greengrass/auth.go b/service/greengrass/auth.go index 020ca4e3efe..1b3d5c58519 100644 --- a/service/greengrass/auth.go +++ b/service/greengrass/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/greengrass/endpoints.go b/service/greengrass/endpoints.go index 9fdfe69982c..a22d8094183 100644 --- a/service/greengrass/endpoints.go +++ b/service/greengrass/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -526,7 +527,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -555,6 +556,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -565,7 +569,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/greengrass/options.go b/service/greengrass/options.go index 0d05863cc73..a73042ff6d9 100644 --- a/service/greengrass/options.go +++ b/service/greengrass/options.go @@ -5,6 +5,7 @@ package greengrass import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/greengrassv2/api_client.go b/service/greengrassv2/api_client.go index 1ab48153aed..cb077ae4467 100644 --- a/service/greengrassv2/api_client.go +++ b/service/greengrassv2/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/greengrassv2/auth.go b/service/greengrassv2/auth.go index e65fd863f17..34208e144a9 100644 --- a/service/greengrassv2/auth.go +++ b/service/greengrassv2/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/greengrassv2/endpoints.go b/service/greengrassv2/endpoints.go index 2d506fe1c1f..73d046e8068 100644 --- a/service/greengrassv2/endpoints.go +++ b/service/greengrassv2/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -526,7 +527,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -555,6 +556,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -565,7 +569,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/greengrassv2/options.go b/service/greengrassv2/options.go index 92d1b73838b..3986cc2eb0f 100644 --- a/service/greengrassv2/options.go +++ b/service/greengrassv2/options.go @@ -5,6 +5,7 @@ package greengrassv2 import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/groundstation/api_client.go b/service/groundstation/api_client.go index e9bcc1b5cea..3289d77451f 100644 --- a/service/groundstation/api_client.go +++ b/service/groundstation/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/groundstation/auth.go b/service/groundstation/auth.go index 120c2285305..2d16a1dfdf6 100644 --- a/service/groundstation/auth.go +++ b/service/groundstation/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/groundstation/endpoints.go b/service/groundstation/endpoints.go index 29bafc77cb4..a69cff2324c 100644 --- a/service/groundstation/endpoints.go +++ b/service/groundstation/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/groundstation/options.go b/service/groundstation/options.go index c744e570d72..7a45b361b4e 100644 --- a/service/groundstation/options.go +++ b/service/groundstation/options.go @@ -5,6 +5,7 @@ package groundstation import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/guardduty/api_client.go b/service/guardduty/api_client.go index 124e639eb78..e1a4b8fee1f 100644 --- a/service/guardduty/api_client.go +++ b/service/guardduty/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/guardduty/auth.go b/service/guardduty/auth.go index c0187b3da94..2b6dcf938e4 100644 --- a/service/guardduty/auth.go +++ b/service/guardduty/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/guardduty/endpoints.go b/service/guardduty/endpoints.go index 7af0cb8aa39..14fa189b7df 100644 --- a/service/guardduty/endpoints.go +++ b/service/guardduty/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -458,7 +459,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -487,6 +488,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/guardduty/options.go b/service/guardduty/options.go index 8c40066092d..68a28ef92f9 100644 --- a/service/guardduty/options.go +++ b/service/guardduty/options.go @@ -5,6 +5,7 @@ package guardduty import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/health/api_client.go b/service/health/api_client.go index a5fab6c9875..719c769ecf1 100644 --- a/service/health/api_client.go +++ b/service/health/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/health/auth.go b/service/health/auth.go index 4ec1bd7ad99..d4b728f2196 100644 --- a/service/health/auth.go +++ b/service/health/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/health/endpoints.go b/service/health/endpoints.go index 7e85ef0093e..754f55b168b 100644 --- a/service/health/endpoints.go +++ b/service/health/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -500,7 +501,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -529,6 +530,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -539,7 +543,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/health/options.go b/service/health/options.go index a820fd9d525..40f2fb07209 100644 --- a/service/health/options.go +++ b/service/health/options.go @@ -5,6 +5,7 @@ package health import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/healthlake/api_client.go b/service/healthlake/api_client.go index 005ff95cbc3..eb5739d151b 100644 --- a/service/healthlake/api_client.go +++ b/service/healthlake/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/healthlake/auth.go b/service/healthlake/auth.go index 41c504098a6..b4b0c3f75e9 100644 --- a/service/healthlake/auth.go +++ b/service/healthlake/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/healthlake/endpoints.go b/service/healthlake/endpoints.go index dcb139b8da2..c396f0814f0 100644 --- a/service/healthlake/endpoints.go +++ b/service/healthlake/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/healthlake/options.go b/service/healthlake/options.go index 49ab3b42377..1a02228b9ee 100644 --- a/service/healthlake/options.go +++ b/service/healthlake/options.go @@ -5,6 +5,7 @@ package healthlake import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/honeycode/api_client.go b/service/honeycode/api_client.go index a5572474d14..dee8e42974e 100644 --- a/service/honeycode/api_client.go +++ b/service/honeycode/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/honeycode/auth.go b/service/honeycode/auth.go index 0b88434d806..3c9a9530e56 100644 --- a/service/honeycode/auth.go +++ b/service/honeycode/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/honeycode/endpoints.go b/service/honeycode/endpoints.go index 2105e6d4969..6392cde4202 100644 --- a/service/honeycode/endpoints.go +++ b/service/honeycode/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/honeycode/options.go b/service/honeycode/options.go index aee88c423f5..4dbc3f2eb65 100644 --- a/service/honeycode/options.go +++ b/service/honeycode/options.go @@ -5,6 +5,7 @@ package honeycode import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iam/api_client.go b/service/iam/api_client.go index 5d38106aecc..a5620634648 100644 --- a/service/iam/api_client.go +++ b/service/iam/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/iam/auth.go b/service/iam/auth.go index f7f5917156a..0f640262008 100644 --- a/service/iam/auth.go +++ b/service/iam/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iam/endpoints.go b/service/iam/endpoints.go index 63c2b352083..6143ead3884 100644 --- a/service/iam/endpoints.go +++ b/service/iam/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -746,7 +747,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -775,6 +776,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -785,7 +789,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iam/options.go b/service/iam/options.go index 9dc917618cf..b3885a41925 100644 --- a/service/iam/options.go +++ b/service/iam/options.go @@ -5,6 +5,7 @@ package iam import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/identitystore/api_client.go b/service/identitystore/api_client.go index 89d6c42e671..07017d763cf 100644 --- a/service/identitystore/api_client.go +++ b/service/identitystore/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/identitystore/auth.go b/service/identitystore/auth.go index 57fc2a7b377..74793797ece 100644 --- a/service/identitystore/auth.go +++ b/service/identitystore/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/identitystore/endpoints.go b/service/identitystore/endpoints.go index 5eb3a365867..6a24db5dc8f 100644 --- a/service/identitystore/endpoints.go +++ b/service/identitystore/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -458,7 +459,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -487,6 +488,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/identitystore/options.go b/service/identitystore/options.go index 4d799bfbe1d..698bed42374 100644 --- a/service/identitystore/options.go +++ b/service/identitystore/options.go @@ -5,6 +5,7 @@ package identitystore import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/imagebuilder/api_client.go b/service/imagebuilder/api_client.go index 1675f1a7bdb..bd27d34eacf 100644 --- a/service/imagebuilder/api_client.go +++ b/service/imagebuilder/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/imagebuilder/auth.go b/service/imagebuilder/auth.go index a92e040d166..957668a0a87 100644 --- a/service/imagebuilder/auth.go +++ b/service/imagebuilder/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/imagebuilder/endpoints.go b/service/imagebuilder/endpoints.go index 66b5621ed49..7bd6d1212ad 100644 --- a/service/imagebuilder/endpoints.go +++ b/service/imagebuilder/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -458,7 +459,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -487,6 +488,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/imagebuilder/options.go b/service/imagebuilder/options.go index 8d6360bb408..57b3b9c87d8 100644 --- a/service/imagebuilder/options.go +++ b/service/imagebuilder/options.go @@ -5,6 +5,7 @@ package imagebuilder import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/inspector/api_client.go b/service/inspector/api_client.go index f4d1ff8b807..28529aa67c1 100644 --- a/service/inspector/api_client.go +++ b/service/inspector/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/inspector/auth.go b/service/inspector/auth.go index 60736093ef4..7c55b40e3ba 100644 --- a/service/inspector/auth.go +++ b/service/inspector/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/inspector/endpoints.go b/service/inspector/endpoints.go index 49706fcfd59..8eae7cec96e 100644 --- a/service/inspector/endpoints.go +++ b/service/inspector/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/inspector/options.go b/service/inspector/options.go index 61d1610916f..d052c8462fd 100644 --- a/service/inspector/options.go +++ b/service/inspector/options.go @@ -5,6 +5,7 @@ package inspector import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/inspector2/api_client.go b/service/inspector2/api_client.go index 9afceaf2f10..98a963ced69 100644 --- a/service/inspector2/api_client.go +++ b/service/inspector2/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/inspector2/auth.go b/service/inspector2/auth.go index 300dff2a278..8233cfa658f 100644 --- a/service/inspector2/auth.go +++ b/service/inspector2/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/inspector2/endpoints.go b/service/inspector2/endpoints.go index 813f2583447..2cd53d6144b 100644 --- a/service/inspector2/endpoints.go +++ b/service/inspector2/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/inspector2/options.go b/service/inspector2/options.go index 7f2ffd7de25..738ef120ed0 100644 --- a/service/inspector2/options.go +++ b/service/inspector2/options.go @@ -5,6 +5,7 @@ package inspector2 import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/inspectorscan/api_client.go b/service/inspectorscan/api_client.go index 3b146a7116a..8113c3cd85a 100644 --- a/service/inspectorscan/api_client.go +++ b/service/inspectorscan/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/inspectorscan/auth.go b/service/inspectorscan/auth.go index e81c82b2a7a..393895e9c6f 100644 --- a/service/inspectorscan/auth.go +++ b/service/inspectorscan/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/inspectorscan/endpoints.go b/service/inspectorscan/endpoints.go index c58eb1dca39..01ec65c66e2 100644 --- a/service/inspectorscan/endpoints.go +++ b/service/inspectorscan/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/inspectorscan/options.go b/service/inspectorscan/options.go index bb5adfd027c..f453f4ad4eb 100644 --- a/service/inspectorscan/options.go +++ b/service/inspectorscan/options.go @@ -5,6 +5,7 @@ package inspectorscan import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/internetmonitor/api_client.go b/service/internetmonitor/api_client.go index c31b53565d3..9e0d83b48d5 100644 --- a/service/internetmonitor/api_client.go +++ b/service/internetmonitor/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/internetmonitor/auth.go b/service/internetmonitor/auth.go index 1b9db4666d2..e097047cc71 100644 --- a/service/internetmonitor/auth.go +++ b/service/internetmonitor/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/internetmonitor/endpoints.go b/service/internetmonitor/endpoints.go index ce1031950a0..944339f1863 100644 --- a/service/internetmonitor/endpoints.go +++ b/service/internetmonitor/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/internetmonitor/options.go b/service/internetmonitor/options.go index eb145a63961..e4c661e18b9 100644 --- a/service/internetmonitor/options.go +++ b/service/internetmonitor/options.go @@ -5,6 +5,7 @@ package internetmonitor import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iot/api_client.go b/service/iot/api_client.go index 519b3ec012f..ef28b4127f1 100644 --- a/service/iot/api_client.go +++ b/service/iot/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/iot/auth.go b/service/iot/auth.go index f93b65e53b8..f9d9f22f2a6 100644 --- a/service/iot/auth.go +++ b/service/iot/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iot/endpoints.go b/service/iot/endpoints.go index 8367227ea33..e56611aa813 100644 --- a/service/iot/endpoints.go +++ b/service/iot/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -496,7 +497,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -525,6 +526,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -535,7 +539,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iot/options.go b/service/iot/options.go index 199ca1c2b5f..84ba066d1cd 100644 --- a/service/iot/options.go +++ b/service/iot/options.go @@ -5,6 +5,7 @@ package iot import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iot1clickdevicesservice/api_client.go b/service/iot1clickdevicesservice/api_client.go index 3c7b030d2c9..19aa1075625 100644 --- a/service/iot1clickdevicesservice/api_client.go +++ b/service/iot1clickdevicesservice/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/iot1clickdevicesservice/auth.go b/service/iot1clickdevicesservice/auth.go index 5a87b0f6beb..76797d9d941 100644 --- a/service/iot1clickdevicesservice/auth.go +++ b/service/iot1clickdevicesservice/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iot1clickdevicesservice/endpoints.go b/service/iot1clickdevicesservice/endpoints.go index 60f57289c70..75af27c2183 100644 --- a/service/iot1clickdevicesservice/endpoints.go +++ b/service/iot1clickdevicesservice/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iot1clickdevicesservice/options.go b/service/iot1clickdevicesservice/options.go index 2fa8d97b754..1497b53e2ac 100644 --- a/service/iot1clickdevicesservice/options.go +++ b/service/iot1clickdevicesservice/options.go @@ -5,6 +5,7 @@ package iot1clickdevicesservice import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iot1clickprojects/api_client.go b/service/iot1clickprojects/api_client.go index df1f9a7b0d7..1f8335aa251 100644 --- a/service/iot1clickprojects/api_client.go +++ b/service/iot1clickprojects/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/iot1clickprojects/auth.go b/service/iot1clickprojects/auth.go index be8461a7418..31b1e47cb6f 100644 --- a/service/iot1clickprojects/auth.go +++ b/service/iot1clickprojects/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iot1clickprojects/endpoints.go b/service/iot1clickprojects/endpoints.go index 0d46c10c042..9bc22b1ca61 100644 --- a/service/iot1clickprojects/endpoints.go +++ b/service/iot1clickprojects/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iot1clickprojects/options.go b/service/iot1clickprojects/options.go index c13808d2377..e7c5a140707 100644 --- a/service/iot1clickprojects/options.go +++ b/service/iot1clickprojects/options.go @@ -5,6 +5,7 @@ package iot1clickprojects import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iotanalytics/api_client.go b/service/iotanalytics/api_client.go index 492acc2b50c..764ab59e1b4 100644 --- a/service/iotanalytics/api_client.go +++ b/service/iotanalytics/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/iotanalytics/auth.go b/service/iotanalytics/auth.go index 5e1bc48b217..9c1ffe3ad40 100644 --- a/service/iotanalytics/auth.go +++ b/service/iotanalytics/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iotanalytics/endpoints.go b/service/iotanalytics/endpoints.go index a8012603e23..ec1def4e798 100644 --- a/service/iotanalytics/endpoints.go +++ b/service/iotanalytics/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iotanalytics/options.go b/service/iotanalytics/options.go index ab3fe3f26d8..5ab6d8b37b6 100644 --- a/service/iotanalytics/options.go +++ b/service/iotanalytics/options.go @@ -5,6 +5,7 @@ package iotanalytics import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iotdataplane/api_client.go b/service/iotdataplane/api_client.go index 3818b6fd2d4..86931fb7718 100644 --- a/service/iotdataplane/api_client.go +++ b/service/iotdataplane/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/iotdataplane/auth.go b/service/iotdataplane/auth.go index bcd7e31a15a..b44e7c29010 100644 --- a/service/iotdataplane/auth.go +++ b/service/iotdataplane/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iotdataplane/endpoints.go b/service/iotdataplane/endpoints.go index b2d9a25e950..484fc61a08b 100644 --- a/service/iotdataplane/endpoints.go +++ b/service/iotdataplane/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -600,7 +601,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -629,6 +630,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -639,7 +643,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iotdataplane/options.go b/service/iotdataplane/options.go index 8e802fe6d09..c3e316bb4c6 100644 --- a/service/iotdataplane/options.go +++ b/service/iotdataplane/options.go @@ -5,6 +5,7 @@ package iotdataplane import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iotdeviceadvisor/api_client.go b/service/iotdeviceadvisor/api_client.go index 25496ac786d..edca3bdf219 100644 --- a/service/iotdeviceadvisor/api_client.go +++ b/service/iotdeviceadvisor/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/iotdeviceadvisor/auth.go b/service/iotdeviceadvisor/auth.go index f0aac369978..043b213dde7 100644 --- a/service/iotdeviceadvisor/auth.go +++ b/service/iotdeviceadvisor/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iotdeviceadvisor/endpoints.go b/service/iotdeviceadvisor/endpoints.go index b9c2f06076f..8523b83a3f0 100644 --- a/service/iotdeviceadvisor/endpoints.go +++ b/service/iotdeviceadvisor/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iotdeviceadvisor/options.go b/service/iotdeviceadvisor/options.go index caba27c91ba..1f11b11a428 100644 --- a/service/iotdeviceadvisor/options.go +++ b/service/iotdeviceadvisor/options.go @@ -5,6 +5,7 @@ package iotdeviceadvisor import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iotevents/api_client.go b/service/iotevents/api_client.go index c9d98db9733..e254e9a5427 100644 --- a/service/iotevents/api_client.go +++ b/service/iotevents/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/iotevents/auth.go b/service/iotevents/auth.go index 939517f776b..5e6c1fd0277 100644 --- a/service/iotevents/auth.go +++ b/service/iotevents/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iotevents/endpoints.go b/service/iotevents/endpoints.go index 9066eef1a3a..ec87ffb8005 100644 --- a/service/iotevents/endpoints.go +++ b/service/iotevents/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iotevents/options.go b/service/iotevents/options.go index 27666fc52a3..eeacf9e2596 100644 --- a/service/iotevents/options.go +++ b/service/iotevents/options.go @@ -5,6 +5,7 @@ package iotevents import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ioteventsdata/api_client.go b/service/ioteventsdata/api_client.go index d95a7b2511c..723ac1299af 100644 --- a/service/ioteventsdata/api_client.go +++ b/service/ioteventsdata/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/ioteventsdata/auth.go b/service/ioteventsdata/auth.go index 2c70588bff5..36c655c7129 100644 --- a/service/ioteventsdata/auth.go +++ b/service/ioteventsdata/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ioteventsdata/endpoints.go b/service/ioteventsdata/endpoints.go index 69501db45c5..f9624a36cd3 100644 --- a/service/ioteventsdata/endpoints.go +++ b/service/ioteventsdata/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ioteventsdata/options.go b/service/ioteventsdata/options.go index a3338820dd7..2dcb2b48852 100644 --- a/service/ioteventsdata/options.go +++ b/service/ioteventsdata/options.go @@ -5,6 +5,7 @@ package ioteventsdata import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iotfleethub/api_client.go b/service/iotfleethub/api_client.go index 229e658030d..b04b6de5932 100644 --- a/service/iotfleethub/api_client.go +++ b/service/iotfleethub/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/iotfleethub/auth.go b/service/iotfleethub/auth.go index 0d2df7e3252..4058e712271 100644 --- a/service/iotfleethub/auth.go +++ b/service/iotfleethub/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iotfleethub/endpoints.go b/service/iotfleethub/endpoints.go index f7ebf1b67dc..2a927eb6c65 100644 --- a/service/iotfleethub/endpoints.go +++ b/service/iotfleethub/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iotfleethub/options.go b/service/iotfleethub/options.go index 5914b462b71..d1fe1499ccb 100644 --- a/service/iotfleethub/options.go +++ b/service/iotfleethub/options.go @@ -5,6 +5,7 @@ package iotfleethub import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iotfleetwise/api_client.go b/service/iotfleetwise/api_client.go index f12a101247d..3d0b18ebe20 100644 --- a/service/iotfleetwise/api_client.go +++ b/service/iotfleetwise/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/iotfleetwise/auth.go b/service/iotfleetwise/auth.go index de7d6acd364..ec6773e73de 100644 --- a/service/iotfleetwise/auth.go +++ b/service/iotfleetwise/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iotfleetwise/endpoints.go b/service/iotfleetwise/endpoints.go index a1250878f0f..6484d0e5ea7 100644 --- a/service/iotfleetwise/endpoints.go +++ b/service/iotfleetwise/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iotfleetwise/options.go b/service/iotfleetwise/options.go index 3bc794cb501..f5b70e35507 100644 --- a/service/iotfleetwise/options.go +++ b/service/iotfleetwise/options.go @@ -5,6 +5,7 @@ package iotfleetwise import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iotjobsdataplane/api_client.go b/service/iotjobsdataplane/api_client.go index 9cf1529cc03..608d8ba8414 100644 --- a/service/iotjobsdataplane/api_client.go +++ b/service/iotjobsdataplane/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/iotjobsdataplane/auth.go b/service/iotjobsdataplane/auth.go index a6801b8c1b4..8a754ee0a35 100644 --- a/service/iotjobsdataplane/auth.go +++ b/service/iotjobsdataplane/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iotjobsdataplane/endpoints.go b/service/iotjobsdataplane/endpoints.go index 43020833366..aebf183c851 100644 --- a/service/iotjobsdataplane/endpoints.go +++ b/service/iotjobsdataplane/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iotjobsdataplane/options.go b/service/iotjobsdataplane/options.go index 036fc7d5a3d..4f01b59ca2b 100644 --- a/service/iotjobsdataplane/options.go +++ b/service/iotjobsdataplane/options.go @@ -5,6 +5,7 @@ package iotjobsdataplane import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iotroborunner/api_client.go b/service/iotroborunner/api_client.go index 0c17961849b..9cb8966fa6d 100644 --- a/service/iotroborunner/api_client.go +++ b/service/iotroborunner/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/iotroborunner/auth.go b/service/iotroborunner/auth.go index 697a1a31481..279237c241d 100644 --- a/service/iotroborunner/auth.go +++ b/service/iotroborunner/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iotroborunner/endpoints.go b/service/iotroborunner/endpoints.go index 284143f194c..9f43d0873de 100644 --- a/service/iotroborunner/endpoints.go +++ b/service/iotroborunner/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iotroborunner/options.go b/service/iotroborunner/options.go index 66da194453c..d4adc8d0b1d 100644 --- a/service/iotroborunner/options.go +++ b/service/iotroborunner/options.go @@ -5,6 +5,7 @@ package iotroborunner import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iotsecuretunneling/api_client.go b/service/iotsecuretunneling/api_client.go index 4b053479eb6..32711d1629e 100644 --- a/service/iotsecuretunneling/api_client.go +++ b/service/iotsecuretunneling/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/iotsecuretunneling/auth.go b/service/iotsecuretunneling/auth.go index d12b1128098..9673aa03f2e 100644 --- a/service/iotsecuretunneling/auth.go +++ b/service/iotsecuretunneling/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iotsecuretunneling/endpoints.go b/service/iotsecuretunneling/endpoints.go index 51a1262646c..0e1cd27f691 100644 --- a/service/iotsecuretunneling/endpoints.go +++ b/service/iotsecuretunneling/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iotsecuretunneling/options.go b/service/iotsecuretunneling/options.go index 25e5ad67504..d0ae283bb62 100644 --- a/service/iotsecuretunneling/options.go +++ b/service/iotsecuretunneling/options.go @@ -5,6 +5,7 @@ package iotsecuretunneling import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iotsitewise/api_client.go b/service/iotsitewise/api_client.go index d41c68d0b0a..2b7f1ce27bf 100644 --- a/service/iotsitewise/api_client.go +++ b/service/iotsitewise/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/iotsitewise/auth.go b/service/iotsitewise/auth.go index 95d3461977a..a959966abfa 100644 --- a/service/iotsitewise/auth.go +++ b/service/iotsitewise/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iotsitewise/endpoints.go b/service/iotsitewise/endpoints.go index ef281df7d4c..3e9b2fd669b 100644 --- a/service/iotsitewise/endpoints.go +++ b/service/iotsitewise/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iotsitewise/options.go b/service/iotsitewise/options.go index af7c6568caf..da029166a24 100644 --- a/service/iotsitewise/options.go +++ b/service/iotsitewise/options.go @@ -5,6 +5,7 @@ package iotsitewise import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iotthingsgraph/api_client.go b/service/iotthingsgraph/api_client.go index bfc8e4f9899..7724e97130e 100644 --- a/service/iotthingsgraph/api_client.go +++ b/service/iotthingsgraph/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/iotthingsgraph/auth.go b/service/iotthingsgraph/auth.go index e921eea19a9..3e484c33eac 100644 --- a/service/iotthingsgraph/auth.go +++ b/service/iotthingsgraph/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iotthingsgraph/endpoints.go b/service/iotthingsgraph/endpoints.go index 0fcd54ff137..54c41e0d059 100644 --- a/service/iotthingsgraph/endpoints.go +++ b/service/iotthingsgraph/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -458,7 +459,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -487,6 +488,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iotthingsgraph/options.go b/service/iotthingsgraph/options.go index 489330e364f..7026e66fe39 100644 --- a/service/iotthingsgraph/options.go +++ b/service/iotthingsgraph/options.go @@ -5,6 +5,7 @@ package iotthingsgraph import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iottwinmaker/api_client.go b/service/iottwinmaker/api_client.go index cc32e441eb0..8e5d48f1ddd 100644 --- a/service/iottwinmaker/api_client.go +++ b/service/iottwinmaker/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/iottwinmaker/auth.go b/service/iottwinmaker/auth.go index 4082445a598..e5abb12f1f4 100644 --- a/service/iottwinmaker/auth.go +++ b/service/iottwinmaker/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iottwinmaker/endpoints.go b/service/iottwinmaker/endpoints.go index 8837e37acd5..9a47d984d65 100644 --- a/service/iottwinmaker/endpoints.go +++ b/service/iottwinmaker/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iottwinmaker/options.go b/service/iottwinmaker/options.go index b383a8eefbd..c3acc8d641f 100644 --- a/service/iottwinmaker/options.go +++ b/service/iottwinmaker/options.go @@ -5,6 +5,7 @@ package iottwinmaker import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iotwireless/api_client.go b/service/iotwireless/api_client.go index f1af554281f..16f8d3a9bfb 100644 --- a/service/iotwireless/api_client.go +++ b/service/iotwireless/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/iotwireless/auth.go b/service/iotwireless/auth.go index e1533afc719..f2d0f696017 100644 --- a/service/iotwireless/auth.go +++ b/service/iotwireless/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iotwireless/endpoints.go b/service/iotwireless/endpoints.go index 859c2c601fb..73eb5a8c254 100644 --- a/service/iotwireless/endpoints.go +++ b/service/iotwireless/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iotwireless/options.go b/service/iotwireless/options.go index e09b0f114a6..64f45aa952f 100644 --- a/service/iotwireless/options.go +++ b/service/iotwireless/options.go @@ -5,6 +5,7 @@ package iotwireless import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ivs/api_client.go b/service/ivs/api_client.go index 407e79125d3..eb409a4ecfb 100644 --- a/service/ivs/api_client.go +++ b/service/ivs/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/ivs/auth.go b/service/ivs/auth.go index f9c868d5f5b..65731d3d421 100644 --- a/service/ivs/auth.go +++ b/service/ivs/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ivs/endpoints.go b/service/ivs/endpoints.go index fa87921e9d2..b1234b2e268 100644 --- a/service/ivs/endpoints.go +++ b/service/ivs/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ivs/options.go b/service/ivs/options.go index 42de105a27b..e95aafcd7ad 100644 --- a/service/ivs/options.go +++ b/service/ivs/options.go @@ -5,6 +5,7 @@ package ivs import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ivschat/api_client.go b/service/ivschat/api_client.go index 70c10bcbbd4..a389fc13bf2 100644 --- a/service/ivschat/api_client.go +++ b/service/ivschat/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/ivschat/auth.go b/service/ivschat/auth.go index 8a7d30529c1..1b9cf687fc3 100644 --- a/service/ivschat/auth.go +++ b/service/ivschat/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ivschat/endpoints.go b/service/ivschat/endpoints.go index c35c7072cca..79f49ead956 100644 --- a/service/ivschat/endpoints.go +++ b/service/ivschat/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ivschat/options.go b/service/ivschat/options.go index 5ac40291045..5b2f0a3387c 100644 --- a/service/ivschat/options.go +++ b/service/ivschat/options.go @@ -5,6 +5,7 @@ package ivschat import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ivsrealtime/api_client.go b/service/ivsrealtime/api_client.go index f0d26f99e1c..1d77133ca3c 100644 --- a/service/ivsrealtime/api_client.go +++ b/service/ivsrealtime/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/ivsrealtime/auth.go b/service/ivsrealtime/auth.go index 68eb6c1b273..4b4eebb5973 100644 --- a/service/ivsrealtime/auth.go +++ b/service/ivsrealtime/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ivsrealtime/endpoints.go b/service/ivsrealtime/endpoints.go index 464a425df6b..ed2c7a7d4e3 100644 --- a/service/ivsrealtime/endpoints.go +++ b/service/ivsrealtime/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ivsrealtime/options.go b/service/ivsrealtime/options.go index fe1efedca94..d42496a9f01 100644 --- a/service/ivsrealtime/options.go +++ b/service/ivsrealtime/options.go @@ -5,6 +5,7 @@ package ivsrealtime import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/kafka/api_client.go b/service/kafka/api_client.go index ddd2ad02516..4d531f3a8a2 100644 --- a/service/kafka/api_client.go +++ b/service/kafka/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/kafka/auth.go b/service/kafka/auth.go index 01c30d877a0..c9a9e8ef520 100644 --- a/service/kafka/auth.go +++ b/service/kafka/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/kafka/endpoints.go b/service/kafka/endpoints.go index 2918c72bf42..9e4e90a54a9 100644 --- a/service/kafka/endpoints.go +++ b/service/kafka/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -458,7 +459,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -487,6 +488,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/kafka/options.go b/service/kafka/options.go index 54a2483b5ed..b4606c49244 100644 --- a/service/kafka/options.go +++ b/service/kafka/options.go @@ -5,6 +5,7 @@ package kafka import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/kafkaconnect/api_client.go b/service/kafkaconnect/api_client.go index 81d5230e4b8..c9ff7c10b2d 100644 --- a/service/kafkaconnect/api_client.go +++ b/service/kafkaconnect/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/kafkaconnect/auth.go b/service/kafkaconnect/auth.go index 75479b40336..aa6d8619171 100644 --- a/service/kafkaconnect/auth.go +++ b/service/kafkaconnect/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/kafkaconnect/endpoints.go b/service/kafkaconnect/endpoints.go index 5cd226f485f..a3723ce5ebb 100644 --- a/service/kafkaconnect/endpoints.go +++ b/service/kafkaconnect/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/kafkaconnect/options.go b/service/kafkaconnect/options.go index fdedd8301b6..9fafac0b65d 100644 --- a/service/kafkaconnect/options.go +++ b/service/kafkaconnect/options.go @@ -5,6 +5,7 @@ package kafkaconnect import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/kendra/api_client.go b/service/kendra/api_client.go index 1b8d9916446..6c52e3ebe2c 100644 --- a/service/kendra/api_client.go +++ b/service/kendra/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/kendra/auth.go b/service/kendra/auth.go index 0f13f7f8a0a..e7365135e54 100644 --- a/service/kendra/auth.go +++ b/service/kendra/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/kendra/endpoints.go b/service/kendra/endpoints.go index 7a3d474e2fc..828d9bd9ac8 100644 --- a/service/kendra/endpoints.go +++ b/service/kendra/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/kendra/options.go b/service/kendra/options.go index 8e9db820070..560aa6a725d 100644 --- a/service/kendra/options.go +++ b/service/kendra/options.go @@ -5,6 +5,7 @@ package kendra import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/kendraranking/api_client.go b/service/kendraranking/api_client.go index a1ae08835d4..6ece037dc22 100644 --- a/service/kendraranking/api_client.go +++ b/service/kendraranking/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/kendraranking/auth.go b/service/kendraranking/auth.go index 30fcdd4b20c..a6c14361905 100644 --- a/service/kendraranking/auth.go +++ b/service/kendraranking/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/kendraranking/endpoints.go b/service/kendraranking/endpoints.go index ba740265be8..63d1d1f9a08 100644 --- a/service/kendraranking/endpoints.go +++ b/service/kendraranking/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -411,7 +412,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -439,6 +440,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -449,7 +453,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/kendraranking/options.go b/service/kendraranking/options.go index 5aab840a035..ea77efa8f3d 100644 --- a/service/kendraranking/options.go +++ b/service/kendraranking/options.go @@ -5,6 +5,7 @@ package kendraranking import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/keyspaces/api_client.go b/service/keyspaces/api_client.go index 2fed93d4d2e..7d01973180c 100644 --- a/service/keyspaces/api_client.go +++ b/service/keyspaces/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/keyspaces/auth.go b/service/keyspaces/auth.go index 56b83a4a676..da889c0cca8 100644 --- a/service/keyspaces/auth.go +++ b/service/keyspaces/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/keyspaces/endpoints.go b/service/keyspaces/endpoints.go index 66c8c2e2cef..19a0c547801 100644 --- a/service/keyspaces/endpoints.go +++ b/service/keyspaces/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -458,7 +459,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -487,6 +488,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/keyspaces/options.go b/service/keyspaces/options.go index 1cf9545f6fe..6a73d684298 100644 --- a/service/keyspaces/options.go +++ b/service/keyspaces/options.go @@ -5,6 +5,7 @@ package keyspaces import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/kinesis/api_client.go b/service/kinesis/api_client.go index e5903efe291..c17ad5c3a8a 100644 --- a/service/kinesis/api_client.go +++ b/service/kinesis/api_client.go @@ -231,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/kinesis/auth.go b/service/kinesis/auth.go index 0702f8afad6..769a34f5d17 100644 --- a/service/kinesis/auth.go +++ b/service/kinesis/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/kinesis/endpoints.go b/service/kinesis/endpoints.go index 481add9802a..1b649f70fa9 100644 --- a/service/kinesis/endpoints.go +++ b/service/kinesis/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -1014,7 +1015,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -1043,6 +1044,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -1053,7 +1057,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/kinesis/options.go b/service/kinesis/options.go index 155ced3b14e..ecd387359dc 100644 --- a/service/kinesis/options.go +++ b/service/kinesis/options.go @@ -5,6 +5,7 @@ package kinesis import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/kinesisanalytics/api_client.go b/service/kinesisanalytics/api_client.go index 001245171df..4ca4159250b 100644 --- a/service/kinesisanalytics/api_client.go +++ b/service/kinesisanalytics/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/kinesisanalytics/auth.go b/service/kinesisanalytics/auth.go index b588328b8fb..320bee298c6 100644 --- a/service/kinesisanalytics/auth.go +++ b/service/kinesisanalytics/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/kinesisanalytics/endpoints.go b/service/kinesisanalytics/endpoints.go index e8516117c18..bac8fc37a18 100644 --- a/service/kinesisanalytics/endpoints.go +++ b/service/kinesisanalytics/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/kinesisanalytics/options.go b/service/kinesisanalytics/options.go index 678065e55f0..4966606d254 100644 --- a/service/kinesisanalytics/options.go +++ b/service/kinesisanalytics/options.go @@ -5,6 +5,7 @@ package kinesisanalytics import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/kinesisanalyticsv2/api_client.go b/service/kinesisanalyticsv2/api_client.go index c911134ef43..c7bb1c6ac81 100644 --- a/service/kinesisanalyticsv2/api_client.go +++ b/service/kinesisanalyticsv2/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/kinesisanalyticsv2/auth.go b/service/kinesisanalyticsv2/auth.go index 72d79992f4e..6dbf122c0d3 100644 --- a/service/kinesisanalyticsv2/auth.go +++ b/service/kinesisanalyticsv2/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/kinesisanalyticsv2/endpoints.go b/service/kinesisanalyticsv2/endpoints.go index 764a42dc0eb..f6a153b7777 100644 --- a/service/kinesisanalyticsv2/endpoints.go +++ b/service/kinesisanalyticsv2/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/kinesisanalyticsv2/options.go b/service/kinesisanalyticsv2/options.go index 5feab711b94..ada53257f10 100644 --- a/service/kinesisanalyticsv2/options.go +++ b/service/kinesisanalyticsv2/options.go @@ -5,6 +5,7 @@ package kinesisanalyticsv2 import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/kinesisvideo/api_client.go b/service/kinesisvideo/api_client.go index 73258f4b0a5..861132daee5 100644 --- a/service/kinesisvideo/api_client.go +++ b/service/kinesisvideo/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/kinesisvideo/auth.go b/service/kinesisvideo/auth.go index 8d90b1f6265..1c9a2cf3363 100644 --- a/service/kinesisvideo/auth.go +++ b/service/kinesisvideo/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/kinesisvideo/endpoints.go b/service/kinesisvideo/endpoints.go index 04994a1ef9c..edd988ecb14 100644 --- a/service/kinesisvideo/endpoints.go +++ b/service/kinesisvideo/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/kinesisvideo/options.go b/service/kinesisvideo/options.go index 92065738972..98a72578499 100644 --- a/service/kinesisvideo/options.go +++ b/service/kinesisvideo/options.go @@ -5,6 +5,7 @@ package kinesisvideo import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/kinesisvideoarchivedmedia/api_client.go b/service/kinesisvideoarchivedmedia/api_client.go index 02f3104137d..12fdee2f701 100644 --- a/service/kinesisvideoarchivedmedia/api_client.go +++ b/service/kinesisvideoarchivedmedia/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/kinesisvideoarchivedmedia/auth.go b/service/kinesisvideoarchivedmedia/auth.go index 320e348943a..58bd760e8d4 100644 --- a/service/kinesisvideoarchivedmedia/auth.go +++ b/service/kinesisvideoarchivedmedia/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/kinesisvideoarchivedmedia/endpoints.go b/service/kinesisvideoarchivedmedia/endpoints.go index 0980accef36..34378ac26b6 100644 --- a/service/kinesisvideoarchivedmedia/endpoints.go +++ b/service/kinesisvideoarchivedmedia/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/kinesisvideoarchivedmedia/options.go b/service/kinesisvideoarchivedmedia/options.go index b277a36e668..a4dfe627b49 100644 --- a/service/kinesisvideoarchivedmedia/options.go +++ b/service/kinesisvideoarchivedmedia/options.go @@ -5,6 +5,7 @@ package kinesisvideoarchivedmedia import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/kinesisvideomedia/api_client.go b/service/kinesisvideomedia/api_client.go index 57d1add87f2..8ae8c3c2909 100644 --- a/service/kinesisvideomedia/api_client.go +++ b/service/kinesisvideomedia/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/kinesisvideomedia/auth.go b/service/kinesisvideomedia/auth.go index 08ed5503a49..27c4d7bac73 100644 --- a/service/kinesisvideomedia/auth.go +++ b/service/kinesisvideomedia/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/kinesisvideomedia/endpoints.go b/service/kinesisvideomedia/endpoints.go index f45a74cbe28..22f0e356099 100644 --- a/service/kinesisvideomedia/endpoints.go +++ b/service/kinesisvideomedia/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/kinesisvideomedia/options.go b/service/kinesisvideomedia/options.go index f8da0363744..7316206cc72 100644 --- a/service/kinesisvideomedia/options.go +++ b/service/kinesisvideomedia/options.go @@ -5,6 +5,7 @@ package kinesisvideomedia import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/kinesisvideosignaling/api_client.go b/service/kinesisvideosignaling/api_client.go index abeb789548c..593a956d57b 100644 --- a/service/kinesisvideosignaling/api_client.go +++ b/service/kinesisvideosignaling/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/kinesisvideosignaling/auth.go b/service/kinesisvideosignaling/auth.go index 33d74b57825..779b65e83cf 100644 --- a/service/kinesisvideosignaling/auth.go +++ b/service/kinesisvideosignaling/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/kinesisvideosignaling/endpoints.go b/service/kinesisvideosignaling/endpoints.go index 775e4688bdb..8259740c259 100644 --- a/service/kinesisvideosignaling/endpoints.go +++ b/service/kinesisvideosignaling/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/kinesisvideosignaling/options.go b/service/kinesisvideosignaling/options.go index adbe7cd35e6..ad31b1451ac 100644 --- a/service/kinesisvideosignaling/options.go +++ b/service/kinesisvideosignaling/options.go @@ -5,6 +5,7 @@ package kinesisvideosignaling import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/kinesisvideowebrtcstorage/api_client.go b/service/kinesisvideowebrtcstorage/api_client.go index a8242ccb12b..fbae5120a9c 100644 --- a/service/kinesisvideowebrtcstorage/api_client.go +++ b/service/kinesisvideowebrtcstorage/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/kinesisvideowebrtcstorage/auth.go b/service/kinesisvideowebrtcstorage/auth.go index 6ccefb2a3b0..cce746de842 100644 --- a/service/kinesisvideowebrtcstorage/auth.go +++ b/service/kinesisvideowebrtcstorage/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/kinesisvideowebrtcstorage/endpoints.go b/service/kinesisvideowebrtcstorage/endpoints.go index 752c853c2f7..1c23f4bbc06 100644 --- a/service/kinesisvideowebrtcstorage/endpoints.go +++ b/service/kinesisvideowebrtcstorage/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/kinesisvideowebrtcstorage/options.go b/service/kinesisvideowebrtcstorage/options.go index 31c132932f3..08c810627ac 100644 --- a/service/kinesisvideowebrtcstorage/options.go +++ b/service/kinesisvideowebrtcstorage/options.go @@ -5,6 +5,7 @@ package kinesisvideowebrtcstorage import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/kms/api_client.go b/service/kms/api_client.go index d1af622670f..ca4ae7eaff1 100644 --- a/service/kms/api_client.go +++ b/service/kms/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/kms/auth.go b/service/kms/auth.go index 16619a43751..b9f4aeb519a 100644 --- a/service/kms/auth.go +++ b/service/kms/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/kms/endpoints.go b/service/kms/endpoints.go index 0538b4ef969..5fdbb917c83 100644 --- a/service/kms/endpoints.go +++ b/service/kms/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/kms/options.go b/service/kms/options.go index b24e2565947..a02f191ee59 100644 --- a/service/kms/options.go +++ b/service/kms/options.go @@ -5,6 +5,7 @@ package kms import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/lakeformation/api_client.go b/service/lakeformation/api_client.go index 53da5289e06..aea3281c388 100644 --- a/service/lakeformation/api_client.go +++ b/service/lakeformation/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/lakeformation/auth.go b/service/lakeformation/auth.go index 7091cfcb8f3..1d1b86d0319 100644 --- a/service/lakeformation/auth.go +++ b/service/lakeformation/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/lakeformation/endpoints.go b/service/lakeformation/endpoints.go index a4fdec742d0..900b588c610 100644 --- a/service/lakeformation/endpoints.go +++ b/service/lakeformation/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/lakeformation/options.go b/service/lakeformation/options.go index 012d57d12fa..9f787e2a1b2 100644 --- a/service/lakeformation/options.go +++ b/service/lakeformation/options.go @@ -5,6 +5,7 @@ package lakeformation import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/lambda/api_client.go b/service/lambda/api_client.go index 13b202fb74d..a974b1eb951 100644 --- a/service/lambda/api_client.go +++ b/service/lambda/api_client.go @@ -231,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/lambda/auth.go b/service/lambda/auth.go index 200f694bbba..fc70bdaa313 100644 --- a/service/lambda/auth.go +++ b/service/lambda/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/lambda/endpoints.go b/service/lambda/endpoints.go index 0af3882c89a..2997f15fb52 100644 --- a/service/lambda/endpoints.go +++ b/service/lambda/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/lambda/options.go b/service/lambda/options.go index e76e46c8a01..20014985ab6 100644 --- a/service/lambda/options.go +++ b/service/lambda/options.go @@ -5,6 +5,7 @@ package lambda import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/launchwizard/api_client.go b/service/launchwizard/api_client.go index edeb3e75dc7..ad61b0beb95 100644 --- a/service/launchwizard/api_client.go +++ b/service/launchwizard/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/launchwizard/auth.go b/service/launchwizard/auth.go index 02543832307..25164250c94 100644 --- a/service/launchwizard/auth.go +++ b/service/launchwizard/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/launchwizard/endpoints.go b/service/launchwizard/endpoints.go index 18335ddcb88..002f828a81f 100644 --- a/service/launchwizard/endpoints.go +++ b/service/launchwizard/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/launchwizard/options.go b/service/launchwizard/options.go index a41eb676711..01ea210d226 100644 --- a/service/launchwizard/options.go +++ b/service/launchwizard/options.go @@ -5,6 +5,7 @@ package launchwizard import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/lexmodelbuildingservice/api_client.go b/service/lexmodelbuildingservice/api_client.go index 53088b6bfd9..e429653cb1a 100644 --- a/service/lexmodelbuildingservice/api_client.go +++ b/service/lexmodelbuildingservice/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/lexmodelbuildingservice/auth.go b/service/lexmodelbuildingservice/auth.go index 855958233cd..365ad0e0071 100644 --- a/service/lexmodelbuildingservice/auth.go +++ b/service/lexmodelbuildingservice/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/lexmodelbuildingservice/endpoints.go b/service/lexmodelbuildingservice/endpoints.go index 06abb2ee1a3..104ff636296 100644 --- a/service/lexmodelbuildingservice/endpoints.go +++ b/service/lexmodelbuildingservice/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -515,7 +516,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -544,6 +545,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -554,7 +558,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/lexmodelbuildingservice/options.go b/service/lexmodelbuildingservice/options.go index 18157169360..84c7165eae8 100644 --- a/service/lexmodelbuildingservice/options.go +++ b/service/lexmodelbuildingservice/options.go @@ -5,6 +5,7 @@ package lexmodelbuildingservice import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/lexmodelsv2/api_client.go b/service/lexmodelsv2/api_client.go index 03d774e4259..dc739b296da 100644 --- a/service/lexmodelsv2/api_client.go +++ b/service/lexmodelsv2/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/lexmodelsv2/auth.go b/service/lexmodelsv2/auth.go index 2e4a3cd17eb..1c74cbc14e8 100644 --- a/service/lexmodelsv2/auth.go +++ b/service/lexmodelsv2/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/lexmodelsv2/endpoints.go b/service/lexmodelsv2/endpoints.go index 7f1a249dcf8..88eceb9eab3 100644 --- a/service/lexmodelsv2/endpoints.go +++ b/service/lexmodelsv2/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/lexmodelsv2/options.go b/service/lexmodelsv2/options.go index a26948027ae..82a3fb0e921 100644 --- a/service/lexmodelsv2/options.go +++ b/service/lexmodelsv2/options.go @@ -5,6 +5,7 @@ package lexmodelsv2 import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/lexruntimeservice/api_client.go b/service/lexruntimeservice/api_client.go index 019ba17822a..2d394055b7f 100644 --- a/service/lexruntimeservice/api_client.go +++ b/service/lexruntimeservice/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/lexruntimeservice/auth.go b/service/lexruntimeservice/auth.go index 7d399d0f393..93ce9135fb6 100644 --- a/service/lexruntimeservice/auth.go +++ b/service/lexruntimeservice/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -160,7 +160,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/lexruntimeservice/endpoints.go b/service/lexruntimeservice/endpoints.go index e21e8d7e6c8..b67ca84a434 100644 --- a/service/lexruntimeservice/endpoints.go +++ b/service/lexruntimeservice/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -515,7 +516,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -544,6 +545,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -554,7 +558,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/lexruntimeservice/options.go b/service/lexruntimeservice/options.go index adef318e20c..af99dd6f231 100644 --- a/service/lexruntimeservice/options.go +++ b/service/lexruntimeservice/options.go @@ -5,6 +5,7 @@ package lexruntimeservice import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/lexruntimev2/api_client.go b/service/lexruntimev2/api_client.go index ea81162288d..ea969f1a1f4 100644 --- a/service/lexruntimev2/api_client.go +++ b/service/lexruntimev2/api_client.go @@ -232,15 +232,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/lexruntimev2/auth.go b/service/lexruntimev2/auth.go index ae56fab8e1e..bb81065f692 100644 --- a/service/lexruntimev2/auth.go +++ b/service/lexruntimev2/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -160,7 +160,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/lexruntimev2/endpoints.go b/service/lexruntimev2/endpoints.go index c2cc0c059e1..fcf4afb329c 100644 --- a/service/lexruntimev2/endpoints.go +++ b/service/lexruntimev2/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/lexruntimev2/options.go b/service/lexruntimev2/options.go index 9f4d6b480db..f82a7b39c94 100644 --- a/service/lexruntimev2/options.go +++ b/service/lexruntimev2/options.go @@ -5,6 +5,7 @@ package lexruntimev2 import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/licensemanager/api_client.go b/service/licensemanager/api_client.go index e3c31e05e57..8cb156934d0 100644 --- a/service/licensemanager/api_client.go +++ b/service/licensemanager/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/licensemanager/auth.go b/service/licensemanager/auth.go index d31986262d4..b33bd00121e 100644 --- a/service/licensemanager/auth.go +++ b/service/licensemanager/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/licensemanager/endpoints.go b/service/licensemanager/endpoints.go index 8544d3dab2b..a42f4e22750 100644 --- a/service/licensemanager/endpoints.go +++ b/service/licensemanager/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/licensemanager/options.go b/service/licensemanager/options.go index ee36a821e3c..83b7c00902e 100644 --- a/service/licensemanager/options.go +++ b/service/licensemanager/options.go @@ -5,6 +5,7 @@ package licensemanager import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/licensemanagerlinuxsubscriptions/api_client.go b/service/licensemanagerlinuxsubscriptions/api_client.go index 7717700004c..6438101f9ee 100644 --- a/service/licensemanagerlinuxsubscriptions/api_client.go +++ b/service/licensemanagerlinuxsubscriptions/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/licensemanagerlinuxsubscriptions/auth.go b/service/licensemanagerlinuxsubscriptions/auth.go index 496c786519d..b73f9b12640 100644 --- a/service/licensemanagerlinuxsubscriptions/auth.go +++ b/service/licensemanagerlinuxsubscriptions/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/licensemanagerlinuxsubscriptions/endpoints.go b/service/licensemanagerlinuxsubscriptions/endpoints.go index a16699e7071..2f2a97e3560 100644 --- a/service/licensemanagerlinuxsubscriptions/endpoints.go +++ b/service/licensemanagerlinuxsubscriptions/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/licensemanagerlinuxsubscriptions/options.go b/service/licensemanagerlinuxsubscriptions/options.go index c8dd48f8d40..1a264694ce7 100644 --- a/service/licensemanagerlinuxsubscriptions/options.go +++ b/service/licensemanagerlinuxsubscriptions/options.go @@ -5,6 +5,7 @@ package licensemanagerlinuxsubscriptions import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/licensemanagerusersubscriptions/api_client.go b/service/licensemanagerusersubscriptions/api_client.go index 74dcf96df9c..2c53b00a8aa 100644 --- a/service/licensemanagerusersubscriptions/api_client.go +++ b/service/licensemanagerusersubscriptions/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/licensemanagerusersubscriptions/auth.go b/service/licensemanagerusersubscriptions/auth.go index b9bd20f3bdd..b1f26d4fb1a 100644 --- a/service/licensemanagerusersubscriptions/auth.go +++ b/service/licensemanagerusersubscriptions/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/licensemanagerusersubscriptions/endpoints.go b/service/licensemanagerusersubscriptions/endpoints.go index 2cd7222c10a..83a22db497c 100644 --- a/service/licensemanagerusersubscriptions/endpoints.go +++ b/service/licensemanagerusersubscriptions/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/licensemanagerusersubscriptions/options.go b/service/licensemanagerusersubscriptions/options.go index cdbf6317e85..64cddf9d600 100644 --- a/service/licensemanagerusersubscriptions/options.go +++ b/service/licensemanagerusersubscriptions/options.go @@ -5,6 +5,7 @@ package licensemanagerusersubscriptions import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/lightsail/api_client.go b/service/lightsail/api_client.go index 044f62c4932..e7c0ef3b5a9 100644 --- a/service/lightsail/api_client.go +++ b/service/lightsail/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/lightsail/auth.go b/service/lightsail/auth.go index ead0dd5f2fd..d74c22c81eb 100644 --- a/service/lightsail/auth.go +++ b/service/lightsail/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/lightsail/endpoints.go b/service/lightsail/endpoints.go index fb1bf128e26..bb4c73923bc 100644 --- a/service/lightsail/endpoints.go +++ b/service/lightsail/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/lightsail/options.go b/service/lightsail/options.go index ec95be44fc2..362dc1dc340 100644 --- a/service/lightsail/options.go +++ b/service/lightsail/options.go @@ -5,6 +5,7 @@ package lightsail import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/location/api_client.go b/service/location/api_client.go index 2df8ba8a5eb..36f298eb57c 100644 --- a/service/location/api_client.go +++ b/service/location/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/location/auth.go b/service/location/auth.go index ed1aedaf4a6..dde484a61a5 100644 --- a/service/location/auth.go +++ b/service/location/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/location/endpoints.go b/service/location/endpoints.go index 84c111e236b..ea6e9735133 100644 --- a/service/location/endpoints.go +++ b/service/location/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/location/options.go b/service/location/options.go index b2f09612356..e657e792067 100644 --- a/service/location/options.go +++ b/service/location/options.go @@ -5,6 +5,7 @@ package location import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/lookoutequipment/api_client.go b/service/lookoutequipment/api_client.go index 51e382cdebf..a8b97045f27 100644 --- a/service/lookoutequipment/api_client.go +++ b/service/lookoutequipment/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/lookoutequipment/auth.go b/service/lookoutequipment/auth.go index d15f3f05e4d..12962b819df 100644 --- a/service/lookoutequipment/auth.go +++ b/service/lookoutequipment/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/lookoutequipment/endpoints.go b/service/lookoutequipment/endpoints.go index d9f066daf80..ccbcf35a3b4 100644 --- a/service/lookoutequipment/endpoints.go +++ b/service/lookoutequipment/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/lookoutequipment/options.go b/service/lookoutequipment/options.go index dbb223aa037..08ccc523f8b 100644 --- a/service/lookoutequipment/options.go +++ b/service/lookoutequipment/options.go @@ -5,6 +5,7 @@ package lookoutequipment import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/lookoutmetrics/api_client.go b/service/lookoutmetrics/api_client.go index 99ebf1c1a07..90e26379639 100644 --- a/service/lookoutmetrics/api_client.go +++ b/service/lookoutmetrics/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/lookoutmetrics/auth.go b/service/lookoutmetrics/auth.go index c2aef4c15d9..d32b5cdec01 100644 --- a/service/lookoutmetrics/auth.go +++ b/service/lookoutmetrics/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/lookoutmetrics/endpoints.go b/service/lookoutmetrics/endpoints.go index 32c5fa523fa..2c6a1c43f79 100644 --- a/service/lookoutmetrics/endpoints.go +++ b/service/lookoutmetrics/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/lookoutmetrics/options.go b/service/lookoutmetrics/options.go index 2438aeaa481..5423b767489 100644 --- a/service/lookoutmetrics/options.go +++ b/service/lookoutmetrics/options.go @@ -5,6 +5,7 @@ package lookoutmetrics import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/lookoutvision/api_client.go b/service/lookoutvision/api_client.go index f8c1d6214fe..5dbc96b9a07 100644 --- a/service/lookoutvision/api_client.go +++ b/service/lookoutvision/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/lookoutvision/auth.go b/service/lookoutvision/auth.go index c13d3ef3a71..d758b3bddd5 100644 --- a/service/lookoutvision/auth.go +++ b/service/lookoutvision/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/lookoutvision/endpoints.go b/service/lookoutvision/endpoints.go index a8cd3971ae2..a91d10d6bda 100644 --- a/service/lookoutvision/endpoints.go +++ b/service/lookoutvision/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/lookoutvision/options.go b/service/lookoutvision/options.go index ba9ea96c772..13b02e9b1a1 100644 --- a/service/lookoutvision/options.go +++ b/service/lookoutvision/options.go @@ -5,6 +5,7 @@ package lookoutvision import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/m2/api_client.go b/service/m2/api_client.go index b5ed62e95f0..c401aea1785 100644 --- a/service/m2/api_client.go +++ b/service/m2/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/m2/auth.go b/service/m2/auth.go index b0ca0a88579..a0eab95fa11 100644 --- a/service/m2/auth.go +++ b/service/m2/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/m2/endpoints.go b/service/m2/endpoints.go index 6b337737c16..4ac986eff04 100644 --- a/service/m2/endpoints.go +++ b/service/m2/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/m2/options.go b/service/m2/options.go index eaa056a41d4..3459f43f267 100644 --- a/service/m2/options.go +++ b/service/m2/options.go @@ -5,6 +5,7 @@ package m2 import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/machinelearning/api_client.go b/service/machinelearning/api_client.go index d4aa4264e49..bd3bcc38f31 100644 --- a/service/machinelearning/api_client.go +++ b/service/machinelearning/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/machinelearning/auth.go b/service/machinelearning/auth.go index b43ad6a0989..4e9ddab5e8f 100644 --- a/service/machinelearning/auth.go +++ b/service/machinelearning/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/machinelearning/endpoints.go b/service/machinelearning/endpoints.go index 69c28ba5014..92b1b7c1d37 100644 --- a/service/machinelearning/endpoints.go +++ b/service/machinelearning/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/machinelearning/options.go b/service/machinelearning/options.go index daf5223a2f6..ce1a887faf3 100644 --- a/service/machinelearning/options.go +++ b/service/machinelearning/options.go @@ -5,6 +5,7 @@ package machinelearning import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/macie2/api_client.go b/service/macie2/api_client.go index 0bf2e931cc2..4945927e6ca 100644 --- a/service/macie2/api_client.go +++ b/service/macie2/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/macie2/auth.go b/service/macie2/auth.go index b383ee11f22..7574f48e773 100644 --- a/service/macie2/auth.go +++ b/service/macie2/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/macie2/endpoints.go b/service/macie2/endpoints.go index 53a35328dee..7098a143cc8 100644 --- a/service/macie2/endpoints.go +++ b/service/macie2/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/macie2/options.go b/service/macie2/options.go index bf8cee97437..f2fe50aa89d 100644 --- a/service/macie2/options.go +++ b/service/macie2/options.go @@ -5,6 +5,7 @@ package macie2 import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/managedblockchain/api_client.go b/service/managedblockchain/api_client.go index 1e298400fa4..aef75819b9e 100644 --- a/service/managedblockchain/api_client.go +++ b/service/managedblockchain/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/managedblockchain/auth.go b/service/managedblockchain/auth.go index 6bb7ffb526c..df676d93ca8 100644 --- a/service/managedblockchain/auth.go +++ b/service/managedblockchain/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/managedblockchain/endpoints.go b/service/managedblockchain/endpoints.go index 0ef23158815..94785b15782 100644 --- a/service/managedblockchain/endpoints.go +++ b/service/managedblockchain/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/managedblockchain/options.go b/service/managedblockchain/options.go index d6b01206e49..99a7ad09b45 100644 --- a/service/managedblockchain/options.go +++ b/service/managedblockchain/options.go @@ -5,6 +5,7 @@ package managedblockchain import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/managedblockchainquery/api_client.go b/service/managedblockchainquery/api_client.go index fc2c5ad82e2..770a6da9a03 100644 --- a/service/managedblockchainquery/api_client.go +++ b/service/managedblockchainquery/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/managedblockchainquery/auth.go b/service/managedblockchainquery/auth.go index 64a0ee71614..661ffe02bc0 100644 --- a/service/managedblockchainquery/auth.go +++ b/service/managedblockchainquery/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/managedblockchainquery/endpoints.go b/service/managedblockchainquery/endpoints.go index 749fcc2ac10..99fed3f1e6c 100644 --- a/service/managedblockchainquery/endpoints.go +++ b/service/managedblockchainquery/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/managedblockchainquery/options.go b/service/managedblockchainquery/options.go index 8738f17a254..c62eedf17a3 100644 --- a/service/managedblockchainquery/options.go +++ b/service/managedblockchainquery/options.go @@ -5,6 +5,7 @@ package managedblockchainquery import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/marketplaceagreement/api_client.go b/service/marketplaceagreement/api_client.go index 7f31cb35e23..deaa05c61d7 100644 --- a/service/marketplaceagreement/api_client.go +++ b/service/marketplaceagreement/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/marketplaceagreement/auth.go b/service/marketplaceagreement/auth.go index e1158bbbfc5..c1f3a2c5d1c 100644 --- a/service/marketplaceagreement/auth.go +++ b/service/marketplaceagreement/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/marketplaceagreement/endpoints.go b/service/marketplaceagreement/endpoints.go index 222ab02977c..9f04053f420 100644 --- a/service/marketplaceagreement/endpoints.go +++ b/service/marketplaceagreement/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/marketplaceagreement/options.go b/service/marketplaceagreement/options.go index 9ee60337932..69901a1aa9f 100644 --- a/service/marketplaceagreement/options.go +++ b/service/marketplaceagreement/options.go @@ -5,6 +5,7 @@ package marketplaceagreement import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/marketplacecatalog/api_client.go b/service/marketplacecatalog/api_client.go index a94eff98f03..a8b7cc583e0 100644 --- a/service/marketplacecatalog/api_client.go +++ b/service/marketplacecatalog/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/marketplacecatalog/auth.go b/service/marketplacecatalog/auth.go index 98603fa0055..d43b5a461b1 100644 --- a/service/marketplacecatalog/auth.go +++ b/service/marketplacecatalog/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/marketplacecatalog/endpoints.go b/service/marketplacecatalog/endpoints.go index 4e09bf38b86..1e61354ee87 100644 --- a/service/marketplacecatalog/endpoints.go +++ b/service/marketplacecatalog/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/marketplacecatalog/options.go b/service/marketplacecatalog/options.go index 8b1efa9bf6c..7a194077033 100644 --- a/service/marketplacecatalog/options.go +++ b/service/marketplacecatalog/options.go @@ -5,6 +5,7 @@ package marketplacecatalog import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/marketplacecommerceanalytics/api_client.go b/service/marketplacecommerceanalytics/api_client.go index f4737961f1f..14cb4007610 100644 --- a/service/marketplacecommerceanalytics/api_client.go +++ b/service/marketplacecommerceanalytics/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/marketplacecommerceanalytics/auth.go b/service/marketplacecommerceanalytics/auth.go index f72a1ed55b5..3bdcbea59b1 100644 --- a/service/marketplacecommerceanalytics/auth.go +++ b/service/marketplacecommerceanalytics/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/marketplacecommerceanalytics/endpoints.go b/service/marketplacecommerceanalytics/endpoints.go index b2967415c94..7ad9a1448ba 100644 --- a/service/marketplacecommerceanalytics/endpoints.go +++ b/service/marketplacecommerceanalytics/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/marketplacecommerceanalytics/options.go b/service/marketplacecommerceanalytics/options.go index 1330c0fc695..7fe65f074aa 100644 --- a/service/marketplacecommerceanalytics/options.go +++ b/service/marketplacecommerceanalytics/options.go @@ -5,6 +5,7 @@ package marketplacecommerceanalytics import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/marketplacedeployment/api_client.go b/service/marketplacedeployment/api_client.go index bff64b9f55c..7d3c2f6903d 100644 --- a/service/marketplacedeployment/api_client.go +++ b/service/marketplacedeployment/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/marketplacedeployment/auth.go b/service/marketplacedeployment/auth.go index 6081e5a7ee2..a4d8ac3dc90 100644 --- a/service/marketplacedeployment/auth.go +++ b/service/marketplacedeployment/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/marketplacedeployment/endpoints.go b/service/marketplacedeployment/endpoints.go index 084d0800395..2b01f77a008 100644 --- a/service/marketplacedeployment/endpoints.go +++ b/service/marketplacedeployment/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/marketplacedeployment/options.go b/service/marketplacedeployment/options.go index 8389de8c430..bc0d5eb2b3c 100644 --- a/service/marketplacedeployment/options.go +++ b/service/marketplacedeployment/options.go @@ -5,6 +5,7 @@ package marketplacedeployment import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/marketplaceentitlementservice/api_client.go b/service/marketplaceentitlementservice/api_client.go index 36162952e35..318ba6cb60a 100644 --- a/service/marketplaceentitlementservice/api_client.go +++ b/service/marketplaceentitlementservice/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/marketplaceentitlementservice/auth.go b/service/marketplaceentitlementservice/auth.go index f75c7f9d95a..8f529c0f9e7 100644 --- a/service/marketplaceentitlementservice/auth.go +++ b/service/marketplaceentitlementservice/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/marketplaceentitlementservice/endpoints.go b/service/marketplaceentitlementservice/endpoints.go index 584121f1218..a77f0dc653a 100644 --- a/service/marketplaceentitlementservice/endpoints.go +++ b/service/marketplaceentitlementservice/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -458,7 +459,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -487,6 +488,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/marketplaceentitlementservice/options.go b/service/marketplaceentitlementservice/options.go index c2184e89dfb..3eb575e66b4 100644 --- a/service/marketplaceentitlementservice/options.go +++ b/service/marketplaceentitlementservice/options.go @@ -5,6 +5,7 @@ package marketplaceentitlementservice import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/marketplacemetering/api_client.go b/service/marketplacemetering/api_client.go index fcee0835df1..57d1d368463 100644 --- a/service/marketplacemetering/api_client.go +++ b/service/marketplacemetering/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/marketplacemetering/auth.go b/service/marketplacemetering/auth.go index c1bf21503b1..4e5a1475d5e 100644 --- a/service/marketplacemetering/auth.go +++ b/service/marketplacemetering/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/marketplacemetering/endpoints.go b/service/marketplacemetering/endpoints.go index 6f24a81c2bf..df87c84d9f4 100644 --- a/service/marketplacemetering/endpoints.go +++ b/service/marketplacemetering/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -477,7 +478,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -506,6 +507,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -516,7 +520,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/marketplacemetering/options.go b/service/marketplacemetering/options.go index 37da8e25dcc..652b8f87c0f 100644 --- a/service/marketplacemetering/options.go +++ b/service/marketplacemetering/options.go @@ -5,6 +5,7 @@ package marketplacemetering import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/mediaconnect/api_client.go b/service/mediaconnect/api_client.go index 9ac8bbee459..4df6f71a25a 100644 --- a/service/mediaconnect/api_client.go +++ b/service/mediaconnect/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/mediaconnect/auth.go b/service/mediaconnect/auth.go index 4df5cfc35e8..c52eea54593 100644 --- a/service/mediaconnect/auth.go +++ b/service/mediaconnect/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/mediaconnect/endpoints.go b/service/mediaconnect/endpoints.go index 714175918f0..c054118a3f1 100644 --- a/service/mediaconnect/endpoints.go +++ b/service/mediaconnect/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/mediaconnect/options.go b/service/mediaconnect/options.go index ee6b25da336..a2219ba9792 100644 --- a/service/mediaconnect/options.go +++ b/service/mediaconnect/options.go @@ -5,6 +5,7 @@ package mediaconnect import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/mediaconvert/api_client.go b/service/mediaconvert/api_client.go index daa31c39223..e0ad545c3b3 100644 --- a/service/mediaconvert/api_client.go +++ b/service/mediaconvert/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/mediaconvert/auth.go b/service/mediaconvert/auth.go index f82fcebb752..ebdbfad5214 100644 --- a/service/mediaconvert/auth.go +++ b/service/mediaconvert/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/mediaconvert/endpoints.go b/service/mediaconvert/endpoints.go index 12a69bc1ad0..77dde7c52c9 100644 --- a/service/mediaconvert/endpoints.go +++ b/service/mediaconvert/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -471,7 +472,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -500,6 +501,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -510,7 +514,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/mediaconvert/options.go b/service/mediaconvert/options.go index 4fe061edf71..b9ec05dde27 100644 --- a/service/mediaconvert/options.go +++ b/service/mediaconvert/options.go @@ -5,6 +5,7 @@ package mediaconvert import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/medialive/api_client.go b/service/medialive/api_client.go index f44853ad5ed..7930889e52a 100644 --- a/service/medialive/api_client.go +++ b/service/medialive/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/medialive/auth.go b/service/medialive/auth.go index 46fb5302d22..eca4a343b97 100644 --- a/service/medialive/auth.go +++ b/service/medialive/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/medialive/endpoints.go b/service/medialive/endpoints.go index 6747f6d5094..f2fd2653e9c 100644 --- a/service/medialive/endpoints.go +++ b/service/medialive/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/medialive/options.go b/service/medialive/options.go index ec81cc5dee8..906bedd029e 100644 --- a/service/medialive/options.go +++ b/service/medialive/options.go @@ -5,6 +5,7 @@ package medialive import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/mediapackage/api_client.go b/service/mediapackage/api_client.go index 8b0165e9f20..b88b64afbc2 100644 --- a/service/mediapackage/api_client.go +++ b/service/mediapackage/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/mediapackage/auth.go b/service/mediapackage/auth.go index c0c4052adc4..9c0d0e34e02 100644 --- a/service/mediapackage/auth.go +++ b/service/mediapackage/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/mediapackage/endpoints.go b/service/mediapackage/endpoints.go index 7ceaab9f193..46e7b10a246 100644 --- a/service/mediapackage/endpoints.go +++ b/service/mediapackage/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/mediapackage/options.go b/service/mediapackage/options.go index 39ec32fa1d3..66f5330e130 100644 --- a/service/mediapackage/options.go +++ b/service/mediapackage/options.go @@ -5,6 +5,7 @@ package mediapackage import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/mediapackagev2/api_client.go b/service/mediapackagev2/api_client.go index 7760163f498..c53bab86282 100644 --- a/service/mediapackagev2/api_client.go +++ b/service/mediapackagev2/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/mediapackagev2/auth.go b/service/mediapackagev2/auth.go index 27bb7dc022e..791629e9ce4 100644 --- a/service/mediapackagev2/auth.go +++ b/service/mediapackagev2/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/mediapackagev2/endpoints.go b/service/mediapackagev2/endpoints.go index 9fc9c51dce6..54dfb5ccb8c 100644 --- a/service/mediapackagev2/endpoints.go +++ b/service/mediapackagev2/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/mediapackagev2/options.go b/service/mediapackagev2/options.go index 1675fdc9ee6..1c6c9b88900 100644 --- a/service/mediapackagev2/options.go +++ b/service/mediapackagev2/options.go @@ -5,6 +5,7 @@ package mediapackagev2 import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/mediapackagevod/api_client.go b/service/mediapackagevod/api_client.go index cca6e4fe24f..50b50060556 100644 --- a/service/mediapackagevod/api_client.go +++ b/service/mediapackagevod/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/mediapackagevod/auth.go b/service/mediapackagevod/auth.go index 11fbafdc5e2..52c18c78cbb 100644 --- a/service/mediapackagevod/auth.go +++ b/service/mediapackagevod/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/mediapackagevod/endpoints.go b/service/mediapackagevod/endpoints.go index dfab9252ff8..ee04ce6942f 100644 --- a/service/mediapackagevod/endpoints.go +++ b/service/mediapackagevod/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/mediapackagevod/options.go b/service/mediapackagevod/options.go index c442d68e51b..d8c3a9c4d3f 100644 --- a/service/mediapackagevod/options.go +++ b/service/mediapackagevod/options.go @@ -5,6 +5,7 @@ package mediapackagevod import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/mediastore/api_client.go b/service/mediastore/api_client.go index 7d7beff274b..7ca337d7565 100644 --- a/service/mediastore/api_client.go +++ b/service/mediastore/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/mediastore/auth.go b/service/mediastore/auth.go index 9c4b4f065e2..540449408d7 100644 --- a/service/mediastore/auth.go +++ b/service/mediastore/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/mediastore/endpoints.go b/service/mediastore/endpoints.go index 4caf3f4d7cd..5dd950aaf38 100644 --- a/service/mediastore/endpoints.go +++ b/service/mediastore/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/mediastore/options.go b/service/mediastore/options.go index eb2dfdac997..86e62e711e0 100644 --- a/service/mediastore/options.go +++ b/service/mediastore/options.go @@ -5,6 +5,7 @@ package mediastore import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/mediastoredata/api_client.go b/service/mediastoredata/api_client.go index 87910bd1e6c..8816f75ed0e 100644 --- a/service/mediastoredata/api_client.go +++ b/service/mediastoredata/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/mediastoredata/auth.go b/service/mediastoredata/auth.go index 5a1fd4fe886..3d13eeb3ca6 100644 --- a/service/mediastoredata/auth.go +++ b/service/mediastoredata/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -160,7 +160,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/mediastoredata/endpoints.go b/service/mediastoredata/endpoints.go index 87419ddaede..821ab04e9ea 100644 --- a/service/mediastoredata/endpoints.go +++ b/service/mediastoredata/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/mediastoredata/options.go b/service/mediastoredata/options.go index dc72f32ff42..61336a7f260 100644 --- a/service/mediastoredata/options.go +++ b/service/mediastoredata/options.go @@ -5,6 +5,7 @@ package mediastoredata import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/mediatailor/api_client.go b/service/mediatailor/api_client.go index 7d4ed37034b..3f0bfbed352 100644 --- a/service/mediatailor/api_client.go +++ b/service/mediatailor/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/mediatailor/auth.go b/service/mediatailor/auth.go index 4d3bf974c6a..adfe620ba64 100644 --- a/service/mediatailor/auth.go +++ b/service/mediatailor/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/mediatailor/endpoints.go b/service/mediatailor/endpoints.go index 03c305b96a8..a80cfa39ebb 100644 --- a/service/mediatailor/endpoints.go +++ b/service/mediatailor/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/mediatailor/options.go b/service/mediatailor/options.go index 6a54a999684..27c0a4808ec 100644 --- a/service/mediatailor/options.go +++ b/service/mediatailor/options.go @@ -5,6 +5,7 @@ package mediatailor import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/medicalimaging/api_client.go b/service/medicalimaging/api_client.go index cdead324fbe..5ad49232bb4 100644 --- a/service/medicalimaging/api_client.go +++ b/service/medicalimaging/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/medicalimaging/auth.go b/service/medicalimaging/auth.go index 1650413683e..03a15b9526e 100644 --- a/service/medicalimaging/auth.go +++ b/service/medicalimaging/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/medicalimaging/endpoints.go b/service/medicalimaging/endpoints.go index f3517227e7e..4aa4abc5e56 100644 --- a/service/medicalimaging/endpoints.go +++ b/service/medicalimaging/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/medicalimaging/options.go b/service/medicalimaging/options.go index e58a40aff2c..7df740d9844 100644 --- a/service/medicalimaging/options.go +++ b/service/medicalimaging/options.go @@ -5,6 +5,7 @@ package medicalimaging import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/memorydb/api_client.go b/service/memorydb/api_client.go index c74e8a286d4..edf44d8955b 100644 --- a/service/memorydb/api_client.go +++ b/service/memorydb/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/memorydb/auth.go b/service/memorydb/auth.go index 9ea7dc9d2b7..7fd701638fe 100644 --- a/service/memorydb/auth.go +++ b/service/memorydb/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/memorydb/endpoints.go b/service/memorydb/endpoints.go index c9c2d4f8a9d..662a553b0b5 100644 --- a/service/memorydb/endpoints.go +++ b/service/memorydb/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -470,7 +471,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -499,6 +500,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -509,7 +513,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/memorydb/options.go b/service/memorydb/options.go index 8f1b5c652a2..16a564bcaa7 100644 --- a/service/memorydb/options.go +++ b/service/memorydb/options.go @@ -5,6 +5,7 @@ package memorydb import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/mgn/api_client.go b/service/mgn/api_client.go index f5ec7e498d0..7e49fd68043 100644 --- a/service/mgn/api_client.go +++ b/service/mgn/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/mgn/auth.go b/service/mgn/auth.go index 033ec36a96a..87a7c4312a7 100644 --- a/service/mgn/auth.go +++ b/service/mgn/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/mgn/endpoints.go b/service/mgn/endpoints.go index d2e114d35c5..da43921a3da 100644 --- a/service/mgn/endpoints.go +++ b/service/mgn/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/mgn/options.go b/service/mgn/options.go index a9c905a99dc..29e522da472 100644 --- a/service/mgn/options.go +++ b/service/mgn/options.go @@ -5,6 +5,7 @@ package mgn import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/migrationhub/api_client.go b/service/migrationhub/api_client.go index dc6d33a9adf..516cb1f2025 100644 --- a/service/migrationhub/api_client.go +++ b/service/migrationhub/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/migrationhub/auth.go b/service/migrationhub/auth.go index d89541b35d6..554a0daff5e 100644 --- a/service/migrationhub/auth.go +++ b/service/migrationhub/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/migrationhub/endpoints.go b/service/migrationhub/endpoints.go index 15ba8c0f640..cba3b5a1ef6 100644 --- a/service/migrationhub/endpoints.go +++ b/service/migrationhub/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/migrationhub/options.go b/service/migrationhub/options.go index 63b9a730057..3b5159dd184 100644 --- a/service/migrationhub/options.go +++ b/service/migrationhub/options.go @@ -5,6 +5,7 @@ package migrationhub import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/migrationhubconfig/api_client.go b/service/migrationhubconfig/api_client.go index 1e18de4f824..c7bfd66a5aa 100644 --- a/service/migrationhubconfig/api_client.go +++ b/service/migrationhubconfig/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/migrationhubconfig/auth.go b/service/migrationhubconfig/auth.go index 267a296e096..e138c11a2c2 100644 --- a/service/migrationhubconfig/auth.go +++ b/service/migrationhubconfig/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/migrationhubconfig/endpoints.go b/service/migrationhubconfig/endpoints.go index d5bffddbe4a..4f45de7dedd 100644 --- a/service/migrationhubconfig/endpoints.go +++ b/service/migrationhubconfig/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/migrationhubconfig/options.go b/service/migrationhubconfig/options.go index e769426399a..e6ef12fa3c7 100644 --- a/service/migrationhubconfig/options.go +++ b/service/migrationhubconfig/options.go @@ -5,6 +5,7 @@ package migrationhubconfig import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/migrationhuborchestrator/api_client.go b/service/migrationhuborchestrator/api_client.go index 2490eefc969..2d835e89ec2 100644 --- a/service/migrationhuborchestrator/api_client.go +++ b/service/migrationhuborchestrator/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/migrationhuborchestrator/auth.go b/service/migrationhuborchestrator/auth.go index dc6fe954b50..71f78b13f2a 100644 --- a/service/migrationhuborchestrator/auth.go +++ b/service/migrationhuborchestrator/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/migrationhuborchestrator/endpoints.go b/service/migrationhuborchestrator/endpoints.go index cf2a0dc7c0f..6551f2d3c82 100644 --- a/service/migrationhuborchestrator/endpoints.go +++ b/service/migrationhuborchestrator/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/migrationhuborchestrator/options.go b/service/migrationhuborchestrator/options.go index 99e3e91c710..8048d515e61 100644 --- a/service/migrationhuborchestrator/options.go +++ b/service/migrationhuborchestrator/options.go @@ -5,6 +5,7 @@ package migrationhuborchestrator import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/migrationhubrefactorspaces/api_client.go b/service/migrationhubrefactorspaces/api_client.go index c1a5ac35d41..c77c8bcf08f 100644 --- a/service/migrationhubrefactorspaces/api_client.go +++ b/service/migrationhubrefactorspaces/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/migrationhubrefactorspaces/auth.go b/service/migrationhubrefactorspaces/auth.go index 79884622158..6bc8aa532d8 100644 --- a/service/migrationhubrefactorspaces/auth.go +++ b/service/migrationhubrefactorspaces/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/migrationhubrefactorspaces/endpoints.go b/service/migrationhubrefactorspaces/endpoints.go index 6e6d45c549f..c76e734d02b 100644 --- a/service/migrationhubrefactorspaces/endpoints.go +++ b/service/migrationhubrefactorspaces/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/migrationhubrefactorspaces/options.go b/service/migrationhubrefactorspaces/options.go index dc47d3edcc7..b981b4f0fdf 100644 --- a/service/migrationhubrefactorspaces/options.go +++ b/service/migrationhubrefactorspaces/options.go @@ -5,6 +5,7 @@ package migrationhubrefactorspaces import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/migrationhubstrategy/api_client.go b/service/migrationhubstrategy/api_client.go index e02e10bd6cf..89d565201fd 100644 --- a/service/migrationhubstrategy/api_client.go +++ b/service/migrationhubstrategy/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/migrationhubstrategy/auth.go b/service/migrationhubstrategy/auth.go index c26be3e35df..eae8240b218 100644 --- a/service/migrationhubstrategy/auth.go +++ b/service/migrationhubstrategy/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/migrationhubstrategy/endpoints.go b/service/migrationhubstrategy/endpoints.go index 8913f590413..8beece08573 100644 --- a/service/migrationhubstrategy/endpoints.go +++ b/service/migrationhubstrategy/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/migrationhubstrategy/options.go b/service/migrationhubstrategy/options.go index 988fd79ade1..38c0e8d5ce3 100644 --- a/service/migrationhubstrategy/options.go +++ b/service/migrationhubstrategy/options.go @@ -5,6 +5,7 @@ package migrationhubstrategy import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/mobile/api_client.go b/service/mobile/api_client.go index 86e53f7f4a3..f3fb5bd9a14 100644 --- a/service/mobile/api_client.go +++ b/service/mobile/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/mobile/auth.go b/service/mobile/auth.go index 0359b30e4ec..7daa9d88c2f 100644 --- a/service/mobile/auth.go +++ b/service/mobile/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/mobile/endpoints.go b/service/mobile/endpoints.go index 787d1a6ca30..c3d999ff8f4 100644 --- a/service/mobile/endpoints.go +++ b/service/mobile/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/mobile/options.go b/service/mobile/options.go index 6d00135e699..3f031fdc169 100644 --- a/service/mobile/options.go +++ b/service/mobile/options.go @@ -5,6 +5,7 @@ package mobile import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/mq/api_client.go b/service/mq/api_client.go index 9007e3b28fd..b769c129cda 100644 --- a/service/mq/api_client.go +++ b/service/mq/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/mq/auth.go b/service/mq/auth.go index b4bd0b92966..e3e514ebf4b 100644 --- a/service/mq/auth.go +++ b/service/mq/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/mq/endpoints.go b/service/mq/endpoints.go index cf8e2d3c097..4a3a45f1dde 100644 --- a/service/mq/endpoints.go +++ b/service/mq/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/mq/options.go b/service/mq/options.go index 8f7eb0483e4..033c26e0af8 100644 --- a/service/mq/options.go +++ b/service/mq/options.go @@ -5,6 +5,7 @@ package mq import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/mturk/api_client.go b/service/mturk/api_client.go index f99e2dc0611..eb7b91c937d 100644 --- a/service/mturk/api_client.go +++ b/service/mturk/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/mturk/auth.go b/service/mturk/auth.go index 5ab097b2808..ba15308bfd6 100644 --- a/service/mturk/auth.go +++ b/service/mturk/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/mturk/endpoints.go b/service/mturk/endpoints.go index f0dc2071be6..a54d592c3d6 100644 --- a/service/mturk/endpoints.go +++ b/service/mturk/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -452,7 +453,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -481,6 +482,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -491,7 +495,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/mturk/options.go b/service/mturk/options.go index a3035071e59..e1d64c10d99 100644 --- a/service/mturk/options.go +++ b/service/mturk/options.go @@ -5,6 +5,7 @@ package mturk import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/mwaa/api_client.go b/service/mwaa/api_client.go index 8586f146941..95e91ebfaca 100644 --- a/service/mwaa/api_client.go +++ b/service/mwaa/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/mwaa/auth.go b/service/mwaa/auth.go index 06e66fb967b..8c5e6954615 100644 --- a/service/mwaa/auth.go +++ b/service/mwaa/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/mwaa/endpoints.go b/service/mwaa/endpoints.go index eabfc44c9ba..cfddac906bb 100644 --- a/service/mwaa/endpoints.go +++ b/service/mwaa/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/mwaa/options.go b/service/mwaa/options.go index 406e538271a..5ffcb3cf4f0 100644 --- a/service/mwaa/options.go +++ b/service/mwaa/options.go @@ -5,6 +5,7 @@ package mwaa import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/neptune/api_client.go b/service/neptune/api_client.go index a56c87a9fac..3248543a6d7 100644 --- a/service/neptune/api_client.go +++ b/service/neptune/api_client.go @@ -232,15 +232,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/neptune/auth.go b/service/neptune/auth.go index ca9d419446f..b3bf1e4a600 100644 --- a/service/neptune/auth.go +++ b/service/neptune/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/neptune/endpoints.go b/service/neptune/endpoints.go index 699a665457a..894011b0f14 100644 --- a/service/neptune/endpoints.go +++ b/service/neptune/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -458,7 +459,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -487,6 +488,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/neptune/options.go b/service/neptune/options.go index 2ca079c69a3..53af25329bc 100644 --- a/service/neptune/options.go +++ b/service/neptune/options.go @@ -5,6 +5,7 @@ package neptune import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/neptunedata/api_client.go b/service/neptunedata/api_client.go index 6ac9b95908f..5ee508eab00 100644 --- a/service/neptunedata/api_client.go +++ b/service/neptunedata/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/neptunedata/auth.go b/service/neptunedata/auth.go index 92a6c9c0527..08b83f2b7a8 100644 --- a/service/neptunedata/auth.go +++ b/service/neptunedata/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/neptunedata/endpoints.go b/service/neptunedata/endpoints.go index eb372cf40de..7ed1c939c58 100644 --- a/service/neptunedata/endpoints.go +++ b/service/neptunedata/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/neptunedata/options.go b/service/neptunedata/options.go index 447aae298a4..512272403be 100644 --- a/service/neptunedata/options.go +++ b/service/neptunedata/options.go @@ -5,6 +5,7 @@ package neptunedata import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/neptunegraph/api_client.go b/service/neptunegraph/api_client.go index 9d939edaf81..a41fd2f491b 100644 --- a/service/neptunegraph/api_client.go +++ b/service/neptunegraph/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/neptunegraph/auth.go b/service/neptunegraph/auth.go index c5409c12fcf..2f9dde5bc49 100644 --- a/service/neptunegraph/auth.go +++ b/service/neptunegraph/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/neptunegraph/endpoints.go b/service/neptunegraph/endpoints.go index ba354e69cda..e44f7e43d9d 100644 --- a/service/neptunegraph/endpoints.go +++ b/service/neptunegraph/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -504,7 +505,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -533,6 +534,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -543,7 +547,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/neptunegraph/options.go b/service/neptunegraph/options.go index 846efcca619..f83fa1ce5e8 100644 --- a/service/neptunegraph/options.go +++ b/service/neptunegraph/options.go @@ -5,6 +5,7 @@ package neptunegraph import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/networkfirewall/api_client.go b/service/networkfirewall/api_client.go index 41c436676fb..17b51e462e8 100644 --- a/service/networkfirewall/api_client.go +++ b/service/networkfirewall/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/networkfirewall/auth.go b/service/networkfirewall/auth.go index 1b9402e8cc9..43298594b08 100644 --- a/service/networkfirewall/auth.go +++ b/service/networkfirewall/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/networkfirewall/endpoints.go b/service/networkfirewall/endpoints.go index 122be24642a..2b48c251c13 100644 --- a/service/networkfirewall/endpoints.go +++ b/service/networkfirewall/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/networkfirewall/options.go b/service/networkfirewall/options.go index 062e8dc6628..7b4c59f4496 100644 --- a/service/networkfirewall/options.go +++ b/service/networkfirewall/options.go @@ -5,6 +5,7 @@ package networkfirewall import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/networkmanager/api_client.go b/service/networkmanager/api_client.go index 4c22e95584b..43d355c7ceb 100644 --- a/service/networkmanager/api_client.go +++ b/service/networkmanager/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/networkmanager/auth.go b/service/networkmanager/auth.go index 93a4a98aff4..4165445d452 100644 --- a/service/networkmanager/auth.go +++ b/service/networkmanager/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/networkmanager/endpoints.go b/service/networkmanager/endpoints.go index 91d0b91d051..53432a18a70 100644 --- a/service/networkmanager/endpoints.go +++ b/service/networkmanager/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -508,7 +509,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -537,6 +538,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -547,7 +551,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/networkmanager/options.go b/service/networkmanager/options.go index c3a80a8f19f..9f4a3403c5e 100644 --- a/service/networkmanager/options.go +++ b/service/networkmanager/options.go @@ -5,6 +5,7 @@ package networkmanager import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/networkmonitor/api_client.go b/service/networkmonitor/api_client.go index 02e2d8f5d83..ede0b02307f 100644 --- a/service/networkmonitor/api_client.go +++ b/service/networkmonitor/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/networkmonitor/auth.go b/service/networkmonitor/auth.go index 4e8dbcd26eb..2092748f120 100644 --- a/service/networkmonitor/auth.go +++ b/service/networkmonitor/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/networkmonitor/endpoints.go b/service/networkmonitor/endpoints.go index 88141f9cec5..7c6fc5743b5 100644 --- a/service/networkmonitor/endpoints.go +++ b/service/networkmonitor/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/networkmonitor/options.go b/service/networkmonitor/options.go index 90427c15d77..5cf482182a5 100644 --- a/service/networkmonitor/options.go +++ b/service/networkmonitor/options.go @@ -5,6 +5,7 @@ package networkmonitor import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/nimble/api_client.go b/service/nimble/api_client.go index 355c015e228..8b1f40a3ea6 100644 --- a/service/nimble/api_client.go +++ b/service/nimble/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/nimble/auth.go b/service/nimble/auth.go index a132e9880ab..559d0d28f8c 100644 --- a/service/nimble/auth.go +++ b/service/nimble/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/nimble/endpoints.go b/service/nimble/endpoints.go index 0b7aecabfc8..6687b0597ef 100644 --- a/service/nimble/endpoints.go +++ b/service/nimble/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/nimble/options.go b/service/nimble/options.go index d839d14c433..f1bcdace743 100644 --- a/service/nimble/options.go +++ b/service/nimble/options.go @@ -5,6 +5,7 @@ package nimble import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/oam/api_client.go b/service/oam/api_client.go index 5a356fa9614..70fe9364204 100644 --- a/service/oam/api_client.go +++ b/service/oam/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/oam/auth.go b/service/oam/auth.go index 7f45f8d46ab..efe794bb158 100644 --- a/service/oam/auth.go +++ b/service/oam/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/oam/endpoints.go b/service/oam/endpoints.go index 331f5e1b7e5..b509c024355 100644 --- a/service/oam/endpoints.go +++ b/service/oam/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/oam/options.go b/service/oam/options.go index 24180adaa4e..b91a4bbbc3a 100644 --- a/service/oam/options.go +++ b/service/oam/options.go @@ -5,6 +5,7 @@ package oam import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/omics/api_client.go b/service/omics/api_client.go index 08ba6cf5462..8de0a6bd197 100644 --- a/service/omics/api_client.go +++ b/service/omics/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/omics/auth.go b/service/omics/auth.go index 83a846acccf..681022b382d 100644 --- a/service/omics/auth.go +++ b/service/omics/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -160,7 +160,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/omics/endpoints.go b/service/omics/endpoints.go index ad32ab91189..f7ab7c4c0bd 100644 --- a/service/omics/endpoints.go +++ b/service/omics/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/omics/options.go b/service/omics/options.go index 2f58759c3b9..3f8b72b23b9 100644 --- a/service/omics/options.go +++ b/service/omics/options.go @@ -5,6 +5,7 @@ package omics import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/opensearch/api_client.go b/service/opensearch/api_client.go index c421bcdf014..0fcceeda728 100644 --- a/service/opensearch/api_client.go +++ b/service/opensearch/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/opensearch/auth.go b/service/opensearch/auth.go index 8b5a30b77a8..8cba72ffc00 100644 --- a/service/opensearch/auth.go +++ b/service/opensearch/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/opensearch/endpoints.go b/service/opensearch/endpoints.go index 365040b50d6..8378369b328 100644 --- a/service/opensearch/endpoints.go +++ b/service/opensearch/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -496,7 +497,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -525,6 +526,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -535,7 +539,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/opensearch/options.go b/service/opensearch/options.go index e2478fcd762..33ad5a045b5 100644 --- a/service/opensearch/options.go +++ b/service/opensearch/options.go @@ -5,6 +5,7 @@ package opensearch import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/opensearchserverless/api_client.go b/service/opensearchserverless/api_client.go index f4fa44027b2..cac6d9d3a7a 100644 --- a/service/opensearchserverless/api_client.go +++ b/service/opensearchserverless/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/opensearchserverless/auth.go b/service/opensearchserverless/auth.go index 9d7c3cccb76..0effa315f8e 100644 --- a/service/opensearchserverless/auth.go +++ b/service/opensearchserverless/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/opensearchserverless/endpoints.go b/service/opensearchserverless/endpoints.go index 13b99ae1596..dccfb91f33e 100644 --- a/service/opensearchserverless/endpoints.go +++ b/service/opensearchserverless/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/opensearchserverless/options.go b/service/opensearchserverless/options.go index 5ae7820a093..bf8e78b6864 100644 --- a/service/opensearchserverless/options.go +++ b/service/opensearchserverless/options.go @@ -5,6 +5,7 @@ package opensearchserverless import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/opsworks/api_client.go b/service/opsworks/api_client.go index 3b85b3cd7aa..db71685257a 100644 --- a/service/opsworks/api_client.go +++ b/service/opsworks/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/opsworks/auth.go b/service/opsworks/auth.go index e276062caab..5a658207956 100644 --- a/service/opsworks/auth.go +++ b/service/opsworks/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/opsworks/endpoints.go b/service/opsworks/endpoints.go index f3dd8e1d4f1..a1038c98046 100644 --- a/service/opsworks/endpoints.go +++ b/service/opsworks/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/opsworks/options.go b/service/opsworks/options.go index 2f822c32416..84a97fb741a 100644 --- a/service/opsworks/options.go +++ b/service/opsworks/options.go @@ -5,6 +5,7 @@ package opsworks import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/opsworkscm/api_client.go b/service/opsworkscm/api_client.go index 606b51f6483..c6dfc184b2e 100644 --- a/service/opsworkscm/api_client.go +++ b/service/opsworkscm/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/opsworkscm/auth.go b/service/opsworkscm/auth.go index eb4c462a222..ae5874844ca 100644 --- a/service/opsworkscm/auth.go +++ b/service/opsworkscm/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/opsworkscm/endpoints.go b/service/opsworkscm/endpoints.go index e000b6a0148..9ae1b755041 100644 --- a/service/opsworkscm/endpoints.go +++ b/service/opsworkscm/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/opsworkscm/options.go b/service/opsworkscm/options.go index e70c2ac0ffb..9b8bd88c487 100644 --- a/service/opsworkscm/options.go +++ b/service/opsworkscm/options.go @@ -5,6 +5,7 @@ package opsworkscm import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/organizations/api_client.go b/service/organizations/api_client.go index 2b38af470ff..2d28391c269 100644 --- a/service/organizations/api_client.go +++ b/service/organizations/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/organizations/auth.go b/service/organizations/auth.go index 3e8a26568c4..45aa78aeb43 100644 --- a/service/organizations/auth.go +++ b/service/organizations/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/organizations/endpoints.go b/service/organizations/endpoints.go index 7058ea37e41..8b544b39956 100644 --- a/service/organizations/endpoints.go +++ b/service/organizations/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -610,7 +611,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -639,6 +640,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -649,7 +653,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/organizations/options.go b/service/organizations/options.go index ba05eb89a41..a169e11b4ff 100644 --- a/service/organizations/options.go +++ b/service/organizations/options.go @@ -5,6 +5,7 @@ package organizations import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/osis/api_client.go b/service/osis/api_client.go index fc33b2be48f..b85f83c327b 100644 --- a/service/osis/api_client.go +++ b/service/osis/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/osis/auth.go b/service/osis/auth.go index 15025142c33..2accdf263cd 100644 --- a/service/osis/auth.go +++ b/service/osis/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/osis/endpoints.go b/service/osis/endpoints.go index 9f21c59c17f..df063bf9d55 100644 --- a/service/osis/endpoints.go +++ b/service/osis/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/osis/options.go b/service/osis/options.go index 467d937e6f0..f66e43d6231 100644 --- a/service/osis/options.go +++ b/service/osis/options.go @@ -5,6 +5,7 @@ package osis import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/outposts/api_client.go b/service/outposts/api_client.go index 4eb96aeec7c..b8848a5aa55 100644 --- a/service/outposts/api_client.go +++ b/service/outposts/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/outposts/auth.go b/service/outposts/auth.go index 2cba6d3a70b..832dab1dcc7 100644 --- a/service/outposts/auth.go +++ b/service/outposts/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/outposts/endpoints.go b/service/outposts/endpoints.go index 3d87302dc9c..60dd99168cc 100644 --- a/service/outposts/endpoints.go +++ b/service/outposts/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -458,7 +459,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -487,6 +488,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/outposts/options.go b/service/outposts/options.go index 5c4fa3244f0..6e799eb4b7a 100644 --- a/service/outposts/options.go +++ b/service/outposts/options.go @@ -5,6 +5,7 @@ package outposts import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/panorama/api_client.go b/service/panorama/api_client.go index 857bfb1c2c0..fcc812ef387 100644 --- a/service/panorama/api_client.go +++ b/service/panorama/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/panorama/auth.go b/service/panorama/auth.go index 408dba51cdd..9ebcb6cd953 100644 --- a/service/panorama/auth.go +++ b/service/panorama/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/panorama/endpoints.go b/service/panorama/endpoints.go index 3d248780660..8904a6742ec 100644 --- a/service/panorama/endpoints.go +++ b/service/panorama/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/panorama/options.go b/service/panorama/options.go index 7586bafeb49..f921bf1c432 100644 --- a/service/panorama/options.go +++ b/service/panorama/options.go @@ -5,6 +5,7 @@ package panorama import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/paymentcryptography/api_client.go b/service/paymentcryptography/api_client.go index 3dbb67e916a..ccceec5ce29 100644 --- a/service/paymentcryptography/api_client.go +++ b/service/paymentcryptography/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/paymentcryptography/auth.go b/service/paymentcryptography/auth.go index 9ff3271eb22..87187487990 100644 --- a/service/paymentcryptography/auth.go +++ b/service/paymentcryptography/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/paymentcryptography/endpoints.go b/service/paymentcryptography/endpoints.go index 5f44216663f..6aafd3d06a5 100644 --- a/service/paymentcryptography/endpoints.go +++ b/service/paymentcryptography/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/paymentcryptography/options.go b/service/paymentcryptography/options.go index af359cb2b43..90e10272f51 100644 --- a/service/paymentcryptography/options.go +++ b/service/paymentcryptography/options.go @@ -5,6 +5,7 @@ package paymentcryptography import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/paymentcryptographydata/api_client.go b/service/paymentcryptographydata/api_client.go index 5241f23ee7e..c0026af0ce8 100644 --- a/service/paymentcryptographydata/api_client.go +++ b/service/paymentcryptographydata/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/paymentcryptographydata/auth.go b/service/paymentcryptographydata/auth.go index 750fa36ea67..f2e99947ff1 100644 --- a/service/paymentcryptographydata/auth.go +++ b/service/paymentcryptographydata/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/paymentcryptographydata/endpoints.go b/service/paymentcryptographydata/endpoints.go index 9245cc59e8d..5a937614ffc 100644 --- a/service/paymentcryptographydata/endpoints.go +++ b/service/paymentcryptographydata/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/paymentcryptographydata/options.go b/service/paymentcryptographydata/options.go index 3eda695222a..592c6936bc7 100644 --- a/service/paymentcryptographydata/options.go +++ b/service/paymentcryptographydata/options.go @@ -5,6 +5,7 @@ package paymentcryptographydata import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/pcaconnectorad/api_client.go b/service/pcaconnectorad/api_client.go index 94ab171e0a0..0e0f32a5f19 100644 --- a/service/pcaconnectorad/api_client.go +++ b/service/pcaconnectorad/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/pcaconnectorad/auth.go b/service/pcaconnectorad/auth.go index b30abfba5ae..63e64e09968 100644 --- a/service/pcaconnectorad/auth.go +++ b/service/pcaconnectorad/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/pcaconnectorad/endpoints.go b/service/pcaconnectorad/endpoints.go index 8e87d64050b..3d6148285c4 100644 --- a/service/pcaconnectorad/endpoints.go +++ b/service/pcaconnectorad/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/pcaconnectorad/options.go b/service/pcaconnectorad/options.go index 083818f4014..10b97be0f66 100644 --- a/service/pcaconnectorad/options.go +++ b/service/pcaconnectorad/options.go @@ -5,6 +5,7 @@ package pcaconnectorad import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/personalize/api_client.go b/service/personalize/api_client.go index aba4b45a56f..b9a97427480 100644 --- a/service/personalize/api_client.go +++ b/service/personalize/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/personalize/auth.go b/service/personalize/auth.go index 8ef02ff21d2..ce84eaebc5f 100644 --- a/service/personalize/auth.go +++ b/service/personalize/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/personalize/endpoints.go b/service/personalize/endpoints.go index 2d3323230e1..9c3153f6b58 100644 --- a/service/personalize/endpoints.go +++ b/service/personalize/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/personalize/options.go b/service/personalize/options.go index 7ae259d20af..fe2fc36d3f2 100644 --- a/service/personalize/options.go +++ b/service/personalize/options.go @@ -5,6 +5,7 @@ package personalize import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/personalizeevents/api_client.go b/service/personalizeevents/api_client.go index d6db4f36812..ead017884bb 100644 --- a/service/personalizeevents/api_client.go +++ b/service/personalizeevents/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/personalizeevents/auth.go b/service/personalizeevents/auth.go index ed002654aba..18dceb4d22e 100644 --- a/service/personalizeevents/auth.go +++ b/service/personalizeevents/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/personalizeevents/endpoints.go b/service/personalizeevents/endpoints.go index 0216545c14b..18515407aec 100644 --- a/service/personalizeevents/endpoints.go +++ b/service/personalizeevents/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/personalizeevents/options.go b/service/personalizeevents/options.go index 55912cfdb51..5454942d853 100644 --- a/service/personalizeevents/options.go +++ b/service/personalizeevents/options.go @@ -5,6 +5,7 @@ package personalizeevents import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/personalizeruntime/api_client.go b/service/personalizeruntime/api_client.go index fee4e90dd44..c6c439f7e44 100644 --- a/service/personalizeruntime/api_client.go +++ b/service/personalizeruntime/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/personalizeruntime/auth.go b/service/personalizeruntime/auth.go index 2471a19d0ec..800b70d7cfb 100644 --- a/service/personalizeruntime/auth.go +++ b/service/personalizeruntime/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/personalizeruntime/endpoints.go b/service/personalizeruntime/endpoints.go index 4eb89fe9345..38d680fea91 100644 --- a/service/personalizeruntime/endpoints.go +++ b/service/personalizeruntime/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/personalizeruntime/options.go b/service/personalizeruntime/options.go index 2151d25767a..8a341b29485 100644 --- a/service/personalizeruntime/options.go +++ b/service/personalizeruntime/options.go @@ -5,6 +5,7 @@ package personalizeruntime import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/pi/api_client.go b/service/pi/api_client.go index 9be04518dcd..623b9c63352 100644 --- a/service/pi/api_client.go +++ b/service/pi/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/pi/auth.go b/service/pi/auth.go index e591b8ec95a..408d8f0d992 100644 --- a/service/pi/auth.go +++ b/service/pi/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/pi/endpoints.go b/service/pi/endpoints.go index 75a57d1cd7a..3a03d961881 100644 --- a/service/pi/endpoints.go +++ b/service/pi/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/pi/options.go b/service/pi/options.go index 45e4e44cfc3..b86f4371be2 100644 --- a/service/pi/options.go +++ b/service/pi/options.go @@ -5,6 +5,7 @@ package pi import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/pinpoint/api_client.go b/service/pinpoint/api_client.go index 8b9d2324a1c..fbd12003ce9 100644 --- a/service/pinpoint/api_client.go +++ b/service/pinpoint/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/pinpoint/auth.go b/service/pinpoint/auth.go index 0a48a980aa8..513e58da22a 100644 --- a/service/pinpoint/auth.go +++ b/service/pinpoint/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/pinpoint/endpoints.go b/service/pinpoint/endpoints.go index a3852da6ead..6bba7dce9dc 100644 --- a/service/pinpoint/endpoints.go +++ b/service/pinpoint/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -516,7 +517,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -545,6 +546,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -555,7 +559,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/pinpoint/options.go b/service/pinpoint/options.go index 8637dc98f5e..923d97158d7 100644 --- a/service/pinpoint/options.go +++ b/service/pinpoint/options.go @@ -5,6 +5,7 @@ package pinpoint import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/pinpointemail/api_client.go b/service/pinpointemail/api_client.go index 4f40eaa3cf2..e71cb38fc11 100644 --- a/service/pinpointemail/api_client.go +++ b/service/pinpointemail/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/pinpointemail/auth.go b/service/pinpointemail/auth.go index 2a4d0ab93ce..4e54b265a6d 100644 --- a/service/pinpointemail/auth.go +++ b/service/pinpointemail/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/pinpointemail/endpoints.go b/service/pinpointemail/endpoints.go index ee2e52641f3..bec611a8b6f 100644 --- a/service/pinpointemail/endpoints.go +++ b/service/pinpointemail/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/pinpointemail/options.go b/service/pinpointemail/options.go index a6031918084..687fb2baac5 100644 --- a/service/pinpointemail/options.go +++ b/service/pinpointemail/options.go @@ -5,6 +5,7 @@ package pinpointemail import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/pinpointsmsvoice/api_client.go b/service/pinpointsmsvoice/api_client.go index 10c941de73d..ad2e77804f4 100644 --- a/service/pinpointsmsvoice/api_client.go +++ b/service/pinpointsmsvoice/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/pinpointsmsvoice/auth.go b/service/pinpointsmsvoice/auth.go index 4b0847e23e0..5a6c4693fe6 100644 --- a/service/pinpointsmsvoice/auth.go +++ b/service/pinpointsmsvoice/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/pinpointsmsvoice/endpoints.go b/service/pinpointsmsvoice/endpoints.go index ff94c4d51a0..9ab715e792f 100644 --- a/service/pinpointsmsvoice/endpoints.go +++ b/service/pinpointsmsvoice/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/pinpointsmsvoice/options.go b/service/pinpointsmsvoice/options.go index a0f22871ffa..4bf074d7c10 100644 --- a/service/pinpointsmsvoice/options.go +++ b/service/pinpointsmsvoice/options.go @@ -5,6 +5,7 @@ package pinpointsmsvoice import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/pinpointsmsvoicev2/api_client.go b/service/pinpointsmsvoicev2/api_client.go index 123dab90690..3d7cf8a1c1c 100644 --- a/service/pinpointsmsvoicev2/api_client.go +++ b/service/pinpointsmsvoicev2/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/pinpointsmsvoicev2/auth.go b/service/pinpointsmsvoicev2/auth.go index c5d979e30c8..79f61363b06 100644 --- a/service/pinpointsmsvoicev2/auth.go +++ b/service/pinpointsmsvoicev2/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/pinpointsmsvoicev2/endpoints.go b/service/pinpointsmsvoicev2/endpoints.go index b2fd8232da9..7f3977cc3f8 100644 --- a/service/pinpointsmsvoicev2/endpoints.go +++ b/service/pinpointsmsvoicev2/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/pinpointsmsvoicev2/options.go b/service/pinpointsmsvoicev2/options.go index 48eb5cd75c2..4d4f0e0e534 100644 --- a/service/pinpointsmsvoicev2/options.go +++ b/service/pinpointsmsvoicev2/options.go @@ -5,6 +5,7 @@ package pinpointsmsvoicev2 import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/pipes/api_client.go b/service/pipes/api_client.go index c9e2b00ac33..eb81aa2ff71 100644 --- a/service/pipes/api_client.go +++ b/service/pipes/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/pipes/auth.go b/service/pipes/auth.go index 15a361df493..47a9979dcf9 100644 --- a/service/pipes/auth.go +++ b/service/pipes/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/pipes/endpoints.go b/service/pipes/endpoints.go index 0e2dcb747f6..667ad6cb324 100644 --- a/service/pipes/endpoints.go +++ b/service/pipes/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/pipes/options.go b/service/pipes/options.go index f3d862a64b0..6e88eac4cc1 100644 --- a/service/pipes/options.go +++ b/service/pipes/options.go @@ -5,6 +5,7 @@ package pipes import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/polly/api_client.go b/service/polly/api_client.go index f86584d8794..e973a3a71bc 100644 --- a/service/polly/api_client.go +++ b/service/polly/api_client.go @@ -232,15 +232,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/polly/auth.go b/service/polly/auth.go index ec4a0e8f072..2e2befe1d79 100644 --- a/service/polly/auth.go +++ b/service/polly/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/polly/endpoints.go b/service/polly/endpoints.go index 60f48afbff6..b4d7d4f0168 100644 --- a/service/polly/endpoints.go +++ b/service/polly/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/polly/options.go b/service/polly/options.go index 0941ae37fe2..d5275ff8f8a 100644 --- a/service/polly/options.go +++ b/service/polly/options.go @@ -5,6 +5,7 @@ package polly import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/pricing/api_client.go b/service/pricing/api_client.go index 3185fe07dbd..4dbf628c7da 100644 --- a/service/pricing/api_client.go +++ b/service/pricing/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/pricing/auth.go b/service/pricing/auth.go index dcc7845c983..5a0d4742cf9 100644 --- a/service/pricing/auth.go +++ b/service/pricing/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/pricing/endpoints.go b/service/pricing/endpoints.go index c642b5d94b8..063081661ab 100644 --- a/service/pricing/endpoints.go +++ b/service/pricing/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -458,7 +459,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -487,6 +488,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/pricing/options.go b/service/pricing/options.go index 75cf87de816..fb57deb4971 100644 --- a/service/pricing/options.go +++ b/service/pricing/options.go @@ -5,6 +5,7 @@ package pricing import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/privatenetworks/api_client.go b/service/privatenetworks/api_client.go index a3ea5b4b90a..6ad053cd023 100644 --- a/service/privatenetworks/api_client.go +++ b/service/privatenetworks/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/privatenetworks/auth.go b/service/privatenetworks/auth.go index 3fad0959e16..48d59b5a0fe 100644 --- a/service/privatenetworks/auth.go +++ b/service/privatenetworks/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/privatenetworks/endpoints.go b/service/privatenetworks/endpoints.go index f1ce79453b0..d86e0beed46 100644 --- a/service/privatenetworks/endpoints.go +++ b/service/privatenetworks/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/privatenetworks/options.go b/service/privatenetworks/options.go index e48aa49665e..48bc6861a14 100644 --- a/service/privatenetworks/options.go +++ b/service/privatenetworks/options.go @@ -5,6 +5,7 @@ package privatenetworks import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/proton/api_client.go b/service/proton/api_client.go index 437c082b320..8e4a1093234 100644 --- a/service/proton/api_client.go +++ b/service/proton/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/proton/auth.go b/service/proton/auth.go index 1bde7428634..aa2179a83f7 100644 --- a/service/proton/auth.go +++ b/service/proton/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/proton/endpoints.go b/service/proton/endpoints.go index f626b182268..ae4b24f00d2 100644 --- a/service/proton/endpoints.go +++ b/service/proton/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/proton/options.go b/service/proton/options.go index 58fa104099b..e47360a0915 100644 --- a/service/proton/options.go +++ b/service/proton/options.go @@ -5,6 +5,7 @@ package proton import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/qbusiness/api_client.go b/service/qbusiness/api_client.go index a949e8d47b9..9563b25e46d 100644 --- a/service/qbusiness/api_client.go +++ b/service/qbusiness/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/qbusiness/auth.go b/service/qbusiness/auth.go index 487dc2392d2..7030ea00847 100644 --- a/service/qbusiness/auth.go +++ b/service/qbusiness/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/qbusiness/endpoints.go b/service/qbusiness/endpoints.go index eb3d36d677b..2436d4ef234 100644 --- a/service/qbusiness/endpoints.go +++ b/service/qbusiness/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -411,7 +412,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -439,6 +440,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -449,7 +453,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/qbusiness/options.go b/service/qbusiness/options.go index 963714ee904..4a931de1d23 100644 --- a/service/qbusiness/options.go +++ b/service/qbusiness/options.go @@ -5,6 +5,7 @@ package qbusiness import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/qconnect/api_client.go b/service/qconnect/api_client.go index 824271643ae..c3e70353754 100644 --- a/service/qconnect/api_client.go +++ b/service/qconnect/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/qconnect/auth.go b/service/qconnect/auth.go index 34142319821..9f22946b7f2 100644 --- a/service/qconnect/auth.go +++ b/service/qconnect/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/qconnect/endpoints.go b/service/qconnect/endpoints.go index 8a6efd31f04..c9ee6bdd274 100644 --- a/service/qconnect/endpoints.go +++ b/service/qconnect/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/qconnect/options.go b/service/qconnect/options.go index 42c2b4fba85..9322dc1c70b 100644 --- a/service/qconnect/options.go +++ b/service/qconnect/options.go @@ -5,6 +5,7 @@ package qconnect import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/qldb/api_client.go b/service/qldb/api_client.go index 5207dc64109..ce699a1461f 100644 --- a/service/qldb/api_client.go +++ b/service/qldb/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/qldb/auth.go b/service/qldb/auth.go index eb1a484cd8c..2f0dc7d93d6 100644 --- a/service/qldb/auth.go +++ b/service/qldb/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/qldb/endpoints.go b/service/qldb/endpoints.go index 9a9545a41c3..bc6cef0f9b0 100644 --- a/service/qldb/endpoints.go +++ b/service/qldb/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/qldb/options.go b/service/qldb/options.go index 28bc949451c..8c9189a6562 100644 --- a/service/qldb/options.go +++ b/service/qldb/options.go @@ -5,6 +5,7 @@ package qldb import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/qldbsession/api_client.go b/service/qldbsession/api_client.go index 7338fe6362e..836ccaaaadd 100644 --- a/service/qldbsession/api_client.go +++ b/service/qldbsession/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/qldbsession/auth.go b/service/qldbsession/auth.go index 051dc62b032..9c0a203c297 100644 --- a/service/qldbsession/auth.go +++ b/service/qldbsession/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/qldbsession/endpoints.go b/service/qldbsession/endpoints.go index 14d4440a07b..45b75b63578 100644 --- a/service/qldbsession/endpoints.go +++ b/service/qldbsession/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/qldbsession/options.go b/service/qldbsession/options.go index b79b15fb87f..f4f82f6a283 100644 --- a/service/qldbsession/options.go +++ b/service/qldbsession/options.go @@ -5,6 +5,7 @@ package qldbsession import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/quicksight/api_client.go b/service/quicksight/api_client.go index 6cfb1f2a856..6d127a7fbee 100644 --- a/service/quicksight/api_client.go +++ b/service/quicksight/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/quicksight/auth.go b/service/quicksight/auth.go index 3bbeeff2507..84fbc98e1b1 100644 --- a/service/quicksight/auth.go +++ b/service/quicksight/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/quicksight/endpoints.go b/service/quicksight/endpoints.go index 0726df91f51..74883183d53 100644 --- a/service/quicksight/endpoints.go +++ b/service/quicksight/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/quicksight/options.go b/service/quicksight/options.go index bef20fecb97..b37b4213038 100644 --- a/service/quicksight/options.go +++ b/service/quicksight/options.go @@ -5,6 +5,7 @@ package quicksight import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ram/api_client.go b/service/ram/api_client.go index c93034433b8..962e1003701 100644 --- a/service/ram/api_client.go +++ b/service/ram/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/ram/auth.go b/service/ram/auth.go index 819418af550..d0da6a1eb9e 100644 --- a/service/ram/auth.go +++ b/service/ram/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ram/endpoints.go b/service/ram/endpoints.go index 7ea4a9230e1..6b053d93fb2 100644 --- a/service/ram/endpoints.go +++ b/service/ram/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -458,7 +459,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -487,6 +488,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ram/options.go b/service/ram/options.go index 53cb5ed0457..9003feb5b85 100644 --- a/service/ram/options.go +++ b/service/ram/options.go @@ -5,6 +5,7 @@ package ram import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/rbin/api_client.go b/service/rbin/api_client.go index ff3b4f9f84e..baeaa598bf6 100644 --- a/service/rbin/api_client.go +++ b/service/rbin/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/rbin/auth.go b/service/rbin/auth.go index 3c4c5d002c1..4ad8918f7d4 100644 --- a/service/rbin/auth.go +++ b/service/rbin/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/rbin/endpoints.go b/service/rbin/endpoints.go index 98899eb1d78..71b14134b56 100644 --- a/service/rbin/endpoints.go +++ b/service/rbin/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/rbin/options.go b/service/rbin/options.go index 8ab81fcf059..5b6c049d53f 100644 --- a/service/rbin/options.go +++ b/service/rbin/options.go @@ -5,6 +5,7 @@ package rbin import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/rds/api_client.go b/service/rds/api_client.go index 55dd540d55f..1da762b9a13 100644 --- a/service/rds/api_client.go +++ b/service/rds/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/rds/auth.go b/service/rds/auth.go index 4c1ad1ee8c5..312c2ab8518 100644 --- a/service/rds/auth.go +++ b/service/rds/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/rds/endpoints.go b/service/rds/endpoints.go index 57d8f837382..d8ad5d37187 100644 --- a/service/rds/endpoints.go +++ b/service/rds/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -458,7 +459,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -487,6 +488,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/rds/options.go b/service/rds/options.go index f7d3a50892d..25996f0aebe 100644 --- a/service/rds/options.go +++ b/service/rds/options.go @@ -5,6 +5,7 @@ package rds import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/rdsdata/api_client.go b/service/rdsdata/api_client.go index 50e49aa2645..0c73de6ed51 100644 --- a/service/rdsdata/api_client.go +++ b/service/rdsdata/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/rdsdata/auth.go b/service/rdsdata/auth.go index 25e8d40014b..4044e112e2a 100644 --- a/service/rdsdata/auth.go +++ b/service/rdsdata/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/rdsdata/endpoints.go b/service/rdsdata/endpoints.go index b8c5ae9530e..90f93ce4eb7 100644 --- a/service/rdsdata/endpoints.go +++ b/service/rdsdata/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/rdsdata/options.go b/service/rdsdata/options.go index 3d459c5681a..15a6475d635 100644 --- a/service/rdsdata/options.go +++ b/service/rdsdata/options.go @@ -5,6 +5,7 @@ package rdsdata import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/redshift/api_client.go b/service/redshift/api_client.go index 09c9f3c9c08..ae4466bcaad 100644 --- a/service/redshift/api_client.go +++ b/service/redshift/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/redshift/auth.go b/service/redshift/auth.go index 3e704fde790..6a48643a702 100644 --- a/service/redshift/auth.go +++ b/service/redshift/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/redshift/endpoints.go b/service/redshift/endpoints.go index 101b963a813..1a05559ad72 100644 --- a/service/redshift/endpoints.go +++ b/service/redshift/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -458,7 +459,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -487,6 +488,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/redshift/options.go b/service/redshift/options.go index 1131fd4e7ff..6aee798f9ad 100644 --- a/service/redshift/options.go +++ b/service/redshift/options.go @@ -5,6 +5,7 @@ package redshift import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/redshiftdata/api_client.go b/service/redshiftdata/api_client.go index 945d89a5e2b..f7cbb1a363f 100644 --- a/service/redshiftdata/api_client.go +++ b/service/redshiftdata/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/redshiftdata/auth.go b/service/redshiftdata/auth.go index 3d8523b426c..aafd1346e97 100644 --- a/service/redshiftdata/auth.go +++ b/service/redshiftdata/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/redshiftdata/endpoints.go b/service/redshiftdata/endpoints.go index 8c5b1013212..cd4ce03457c 100644 --- a/service/redshiftdata/endpoints.go +++ b/service/redshiftdata/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/redshiftdata/options.go b/service/redshiftdata/options.go index 75274d1da99..7ad41c37d1e 100644 --- a/service/redshiftdata/options.go +++ b/service/redshiftdata/options.go @@ -5,6 +5,7 @@ package redshiftdata import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/redshiftserverless/api_client.go b/service/redshiftserverless/api_client.go index 29267f3a8b1..5ecff2f736f 100644 --- a/service/redshiftserverless/api_client.go +++ b/service/redshiftserverless/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/redshiftserverless/auth.go b/service/redshiftserverless/auth.go index 9954df495ea..325442f0664 100644 --- a/service/redshiftserverless/auth.go +++ b/service/redshiftserverless/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/redshiftserverless/endpoints.go b/service/redshiftserverless/endpoints.go index 8f48b3824f9..db064875d28 100644 --- a/service/redshiftserverless/endpoints.go +++ b/service/redshiftserverless/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/redshiftserverless/options.go b/service/redshiftserverless/options.go index 3037bef5056..4fa06787233 100644 --- a/service/redshiftserverless/options.go +++ b/service/redshiftserverless/options.go @@ -5,6 +5,7 @@ package redshiftserverless import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/rekognition/api_client.go b/service/rekognition/api_client.go index 07aa39ac796..26107199335 100644 --- a/service/rekognition/api_client.go +++ b/service/rekognition/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/rekognition/auth.go b/service/rekognition/auth.go index 31124e531a1..80220cbbc2f 100644 --- a/service/rekognition/auth.go +++ b/service/rekognition/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/rekognition/endpoints.go b/service/rekognition/endpoints.go index 40058c8a536..e7601919768 100644 --- a/service/rekognition/endpoints.go +++ b/service/rekognition/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/rekognition/options.go b/service/rekognition/options.go index 98ebd9c8f26..0aa5d880b38 100644 --- a/service/rekognition/options.go +++ b/service/rekognition/options.go @@ -5,6 +5,7 @@ package rekognition import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/repostspace/api_client.go b/service/repostspace/api_client.go index f90bf60f41f..e8827af4f2d 100644 --- a/service/repostspace/api_client.go +++ b/service/repostspace/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/repostspace/auth.go b/service/repostspace/auth.go index 9660a59141c..3ffa77ecfa1 100644 --- a/service/repostspace/auth.go +++ b/service/repostspace/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/repostspace/endpoints.go b/service/repostspace/endpoints.go index c25dabc510e..3467e14df03 100644 --- a/service/repostspace/endpoints.go +++ b/service/repostspace/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/repostspace/options.go b/service/repostspace/options.go index 0370fd9d196..38d92f9ea9e 100644 --- a/service/repostspace/options.go +++ b/service/repostspace/options.go @@ -5,6 +5,7 @@ package repostspace import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/resiliencehub/api_client.go b/service/resiliencehub/api_client.go index 4717d710047..abac686b53f 100644 --- a/service/resiliencehub/api_client.go +++ b/service/resiliencehub/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/resiliencehub/auth.go b/service/resiliencehub/auth.go index 70128c734f3..9707369b4de 100644 --- a/service/resiliencehub/auth.go +++ b/service/resiliencehub/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/resiliencehub/endpoints.go b/service/resiliencehub/endpoints.go index 585831e6b20..407d17ef718 100644 --- a/service/resiliencehub/endpoints.go +++ b/service/resiliencehub/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/resiliencehub/options.go b/service/resiliencehub/options.go index 0f88fcee0b4..45d0895270a 100644 --- a/service/resiliencehub/options.go +++ b/service/resiliencehub/options.go @@ -5,6 +5,7 @@ package resiliencehub import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/resourceexplorer2/api_client.go b/service/resourceexplorer2/api_client.go index 1bcf778b426..9466e21ff12 100644 --- a/service/resourceexplorer2/api_client.go +++ b/service/resourceexplorer2/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/resourceexplorer2/auth.go b/service/resourceexplorer2/auth.go index 0444437656d..bcfec2a73d7 100644 --- a/service/resourceexplorer2/auth.go +++ b/service/resourceexplorer2/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/resourceexplorer2/endpoints.go b/service/resourceexplorer2/endpoints.go index da20bbf70f5..0be14bf63e3 100644 --- a/service/resourceexplorer2/endpoints.go +++ b/service/resourceexplorer2/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -411,7 +412,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -439,6 +440,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -449,7 +453,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/resourceexplorer2/options.go b/service/resourceexplorer2/options.go index a5bab79f58d..8290b24dccd 100644 --- a/service/resourceexplorer2/options.go +++ b/service/resourceexplorer2/options.go @@ -5,6 +5,7 @@ package resourceexplorer2 import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/resourcegroups/api_client.go b/service/resourcegroups/api_client.go index 481293664ec..8faa4aabe63 100644 --- a/service/resourcegroups/api_client.go +++ b/service/resourcegroups/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/resourcegroups/auth.go b/service/resourcegroups/auth.go index d769c10e82a..1c4c6c5f239 100644 --- a/service/resourcegroups/auth.go +++ b/service/resourcegroups/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/resourcegroups/endpoints.go b/service/resourcegroups/endpoints.go index a14bcd9f9d1..4be3df22850 100644 --- a/service/resourcegroups/endpoints.go +++ b/service/resourcegroups/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -458,7 +459,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -487,6 +488,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/resourcegroups/options.go b/service/resourcegroups/options.go index c941e8dd7f8..397824752be 100644 --- a/service/resourcegroups/options.go +++ b/service/resourcegroups/options.go @@ -5,6 +5,7 @@ package resourcegroups import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/resourcegroupstaggingapi/api_client.go b/service/resourcegroupstaggingapi/api_client.go index 6f8349a91c0..9bdec89658a 100644 --- a/service/resourcegroupstaggingapi/api_client.go +++ b/service/resourcegroupstaggingapi/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/resourcegroupstaggingapi/auth.go b/service/resourcegroupstaggingapi/auth.go index a858c9c565c..9a0f9cd3fc5 100644 --- a/service/resourcegroupstaggingapi/auth.go +++ b/service/resourcegroupstaggingapi/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/resourcegroupstaggingapi/endpoints.go b/service/resourcegroupstaggingapi/endpoints.go index b91b084c9bb..6a32dc64fa9 100644 --- a/service/resourcegroupstaggingapi/endpoints.go +++ b/service/resourcegroupstaggingapi/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/resourcegroupstaggingapi/options.go b/service/resourcegroupstaggingapi/options.go index 247ed084c7c..dba71e600e1 100644 --- a/service/resourcegroupstaggingapi/options.go +++ b/service/resourcegroupstaggingapi/options.go @@ -5,6 +5,7 @@ package resourcegroupstaggingapi import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/robomaker/api_client.go b/service/robomaker/api_client.go index 2371a8790e0..b907c00ec30 100644 --- a/service/robomaker/api_client.go +++ b/service/robomaker/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/robomaker/auth.go b/service/robomaker/auth.go index b12a0f982bb..5b14cf5013a 100644 --- a/service/robomaker/auth.go +++ b/service/robomaker/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/robomaker/endpoints.go b/service/robomaker/endpoints.go index 6de26356d85..aa6096d886c 100644 --- a/service/robomaker/endpoints.go +++ b/service/robomaker/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/robomaker/options.go b/service/robomaker/options.go index 929dc42ba7b..5a912faf619 100644 --- a/service/robomaker/options.go +++ b/service/robomaker/options.go @@ -5,6 +5,7 @@ package robomaker import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/rolesanywhere/api_client.go b/service/rolesanywhere/api_client.go index afc78e0d1cd..a51878e39c3 100644 --- a/service/rolesanywhere/api_client.go +++ b/service/rolesanywhere/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/rolesanywhere/auth.go b/service/rolesanywhere/auth.go index dad98f4e241..c346a630020 100644 --- a/service/rolesanywhere/auth.go +++ b/service/rolesanywhere/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/rolesanywhere/endpoints.go b/service/rolesanywhere/endpoints.go index 6478bb68ed2..74d61f1c646 100644 --- a/service/rolesanywhere/endpoints.go +++ b/service/rolesanywhere/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/rolesanywhere/options.go b/service/rolesanywhere/options.go index d7e99288833..18ae1df1434 100644 --- a/service/rolesanywhere/options.go +++ b/service/rolesanywhere/options.go @@ -5,6 +5,7 @@ package rolesanywhere import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/route53/api_client.go b/service/route53/api_client.go index c12337dedf6..0bc1ac79603 100644 --- a/service/route53/api_client.go +++ b/service/route53/api_client.go @@ -231,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/route53/auth.go b/service/route53/auth.go index 5e979833419..f6d1e839309 100644 --- a/service/route53/auth.go +++ b/service/route53/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/route53/endpoints.go b/service/route53/endpoints.go index a2ef865a644..3abf61a5307 100644 --- a/service/route53/endpoints.go +++ b/service/route53/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -746,7 +747,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -775,6 +776,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -785,7 +789,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/route53/options.go b/service/route53/options.go index 98b428f625c..0b7dd406cf9 100644 --- a/service/route53/options.go +++ b/service/route53/options.go @@ -5,6 +5,7 @@ package route53 import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/route53domains/api_client.go b/service/route53domains/api_client.go index 72a5fa25f78..7e7d34d4c7e 100644 --- a/service/route53domains/api_client.go +++ b/service/route53domains/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/route53domains/auth.go b/service/route53domains/auth.go index 51085fdccd6..9d568517a95 100644 --- a/service/route53domains/auth.go +++ b/service/route53domains/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/route53domains/endpoints.go b/service/route53domains/endpoints.go index 460616063b4..3e70fb638d1 100644 --- a/service/route53domains/endpoints.go +++ b/service/route53domains/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/route53domains/options.go b/service/route53domains/options.go index a80c0cce1f4..778f5153fc4 100644 --- a/service/route53domains/options.go +++ b/service/route53domains/options.go @@ -5,6 +5,7 @@ package route53domains import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/route53recoverycluster/api_client.go b/service/route53recoverycluster/api_client.go index b38e349ab56..29b6592bd0c 100644 --- a/service/route53recoverycluster/api_client.go +++ b/service/route53recoverycluster/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/route53recoverycluster/auth.go b/service/route53recoverycluster/auth.go index 0bf77bf7bb3..98b43c2d6ba 100644 --- a/service/route53recoverycluster/auth.go +++ b/service/route53recoverycluster/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/route53recoverycluster/endpoints.go b/service/route53recoverycluster/endpoints.go index 74dd38eea35..fd777dbd229 100644 --- a/service/route53recoverycluster/endpoints.go +++ b/service/route53recoverycluster/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/route53recoverycluster/options.go b/service/route53recoverycluster/options.go index dbb94a43fca..3eb1fcb956e 100644 --- a/service/route53recoverycluster/options.go +++ b/service/route53recoverycluster/options.go @@ -5,6 +5,7 @@ package route53recoverycluster import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/route53recoverycontrolconfig/api_client.go b/service/route53recoverycontrolconfig/api_client.go index 512d34923c9..a537c78bcc9 100644 --- a/service/route53recoverycontrolconfig/api_client.go +++ b/service/route53recoverycontrolconfig/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/route53recoverycontrolconfig/auth.go b/service/route53recoverycontrolconfig/auth.go index 78f797148e4..2e1de253377 100644 --- a/service/route53recoverycontrolconfig/auth.go +++ b/service/route53recoverycontrolconfig/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/route53recoverycontrolconfig/endpoints.go b/service/route53recoverycontrolconfig/endpoints.go index 2c38462bba4..54522f4aa5c 100644 --- a/service/route53recoverycontrolconfig/endpoints.go +++ b/service/route53recoverycontrolconfig/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -470,7 +471,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -499,6 +500,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -509,7 +513,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/route53recoverycontrolconfig/options.go b/service/route53recoverycontrolconfig/options.go index 91ab9e43013..56763e9b190 100644 --- a/service/route53recoverycontrolconfig/options.go +++ b/service/route53recoverycontrolconfig/options.go @@ -5,6 +5,7 @@ package route53recoverycontrolconfig import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/route53recoveryreadiness/api_client.go b/service/route53recoveryreadiness/api_client.go index b6b83463212..e959643ca75 100644 --- a/service/route53recoveryreadiness/api_client.go +++ b/service/route53recoveryreadiness/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/route53recoveryreadiness/auth.go b/service/route53recoveryreadiness/auth.go index b2f574252b9..96ce75888a2 100644 --- a/service/route53recoveryreadiness/auth.go +++ b/service/route53recoveryreadiness/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/route53recoveryreadiness/endpoints.go b/service/route53recoveryreadiness/endpoints.go index bf40d332253..707869e80d1 100644 --- a/service/route53recoveryreadiness/endpoints.go +++ b/service/route53recoveryreadiness/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/route53recoveryreadiness/options.go b/service/route53recoveryreadiness/options.go index 6c7b56f881b..0af7b8b917e 100644 --- a/service/route53recoveryreadiness/options.go +++ b/service/route53recoveryreadiness/options.go @@ -5,6 +5,7 @@ package route53recoveryreadiness import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/route53resolver/api_client.go b/service/route53resolver/api_client.go index 3c2bb21077c..979ec2c9602 100644 --- a/service/route53resolver/api_client.go +++ b/service/route53resolver/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/route53resolver/auth.go b/service/route53resolver/auth.go index b3fd292116d..01b8af398f3 100644 --- a/service/route53resolver/auth.go +++ b/service/route53resolver/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/route53resolver/endpoints.go b/service/route53resolver/endpoints.go index 5681279e1de..7b70b654db6 100644 --- a/service/route53resolver/endpoints.go +++ b/service/route53resolver/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -465,7 +466,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -494,6 +495,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -504,7 +508,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/route53resolver/options.go b/service/route53resolver/options.go index 3b99e8080c6..02312e68a71 100644 --- a/service/route53resolver/options.go +++ b/service/route53resolver/options.go @@ -5,6 +5,7 @@ package route53resolver import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/rum/api_client.go b/service/rum/api_client.go index 03528c761a3..1b2a60cb7d1 100644 --- a/service/rum/api_client.go +++ b/service/rum/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/rum/auth.go b/service/rum/auth.go index e0e89deba63..7c3bed5ed5a 100644 --- a/service/rum/auth.go +++ b/service/rum/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/rum/endpoints.go b/service/rum/endpoints.go index d7c21fb025a..e6060af6376 100644 --- a/service/rum/endpoints.go +++ b/service/rum/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/rum/options.go b/service/rum/options.go index 707f7f1ad3f..a4bafb3e0fe 100644 --- a/service/rum/options.go +++ b/service/rum/options.go @@ -5,6 +5,7 @@ package rum import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/s3/api_client.go b/service/s3/api_client.go index 5e5f27b2d72..82a7204d3e4 100644 --- a/service/s3/api_client.go +++ b/service/s3/api_client.go @@ -263,15 +263,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/s3/auth.go b/service/s3/auth.go index 6ef631bd380..d8d71d1fe7f 100644 --- a/service/s3/auth.go +++ b/service/s3/auth.go @@ -12,12 +12,12 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } -func bindAuthEndpointParams(params *AuthResolverParameters, input interface{}, options Options) { - params.endpointParams = bindEndpointParams(input, options) +func bindAuthEndpointParams(params *AuthResolverParameters, input interface{}, options Options, ctx context.Context) { + params.endpointParams = bindEndpointParams(input, options, ctx) } type setLegacyContextSigningOptionsMiddleware struct { @@ -98,13 +98,13 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthEndpointParams(params, input, options) - bindAuthParamsRegion(params, input, options) + bindAuthEndpointParams(params, input, options, ctx) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -179,7 +179,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/s3/endpoints.go b/service/s3/endpoints.go index a1f2e36d63a..7aba6790cdf 100644 --- a/service/s3/endpoints.go +++ b/service/s3/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalcontext "github.com/aws/aws-sdk-go-v2/internal/context" @@ -5665,7 +5666,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -5700,6 +5701,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -5710,7 +5714,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/s3/options.go b/service/s3/options.go index 064bcefb4fd..a36918e0187 100644 --- a/service/s3/options.go +++ b/service/s3/options.go @@ -6,6 +6,7 @@ import ( "context" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" "github.com/aws/aws-sdk-go-v2/internal/v4a" @@ -27,6 +28,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/s3control/api_client.go b/service/s3control/api_client.go index 58b298312e3..ec156abced8 100644 --- a/service/s3control/api_client.go +++ b/service/s3control/api_client.go @@ -235,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/s3control/auth.go b/service/s3control/auth.go index 4ebc2326ddc..303144e78db 100644 --- a/service/s3control/auth.go +++ b/service/s3control/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/s3control/endpoints.go b/service/s3control/endpoints.go index 0afd9ee4828..f82f044e333 100644 --- a/service/s3control/endpoints.go +++ b/service/s3control/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -1621,7 +1622,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -1651,6 +1652,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -1661,7 +1665,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/s3control/options.go b/service/s3control/options.go index a27e36c85e4..12b8e5e42aa 100644 --- a/service/s3control/options.go +++ b/service/s3control/options.go @@ -5,6 +5,7 @@ package s3control import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/s3outposts/api_client.go b/service/s3outposts/api_client.go index b0210afa4b7..66584252106 100644 --- a/service/s3outposts/api_client.go +++ b/service/s3outposts/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/s3outposts/auth.go b/service/s3outposts/auth.go index 0c4514c575b..66fcb613753 100644 --- a/service/s3outposts/auth.go +++ b/service/s3outposts/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/s3outposts/endpoints.go b/service/s3outposts/endpoints.go index 0553535aecc..de7f759c17b 100644 --- a/service/s3outposts/endpoints.go +++ b/service/s3outposts/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/s3outposts/options.go b/service/s3outposts/options.go index 329de7d3ebb..1c59cb4afc8 100644 --- a/service/s3outposts/options.go +++ b/service/s3outposts/options.go @@ -5,6 +5,7 @@ package s3outposts import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/sagemaker/api_client.go b/service/sagemaker/api_client.go index c6c441c2f07..0d63a8ce33a 100644 --- a/service/sagemaker/api_client.go +++ b/service/sagemaker/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/sagemaker/auth.go b/service/sagemaker/auth.go index e7150ad0cd5..e844c21e46b 100644 --- a/service/sagemaker/auth.go +++ b/service/sagemaker/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/sagemaker/endpoints.go b/service/sagemaker/endpoints.go index 4813a1a6345..760c273cdb0 100644 --- a/service/sagemaker/endpoints.go +++ b/service/sagemaker/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -477,7 +478,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -506,6 +507,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -516,7 +520,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/sagemaker/options.go b/service/sagemaker/options.go index f34cfbc1e73..08072d24989 100644 --- a/service/sagemaker/options.go +++ b/service/sagemaker/options.go @@ -5,6 +5,7 @@ package sagemaker import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/sagemakera2iruntime/api_client.go b/service/sagemakera2iruntime/api_client.go index dbd9f06bd49..49e676021bd 100644 --- a/service/sagemakera2iruntime/api_client.go +++ b/service/sagemakera2iruntime/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/sagemakera2iruntime/auth.go b/service/sagemakera2iruntime/auth.go index fec11b17c5e..70cb8e589ed 100644 --- a/service/sagemakera2iruntime/auth.go +++ b/service/sagemakera2iruntime/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/sagemakera2iruntime/endpoints.go b/service/sagemakera2iruntime/endpoints.go index 629cc683a74..2ae6e0cf387 100644 --- a/service/sagemakera2iruntime/endpoints.go +++ b/service/sagemakera2iruntime/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/sagemakera2iruntime/options.go b/service/sagemakera2iruntime/options.go index 99b41f4717e..35f0c6a1e49 100644 --- a/service/sagemakera2iruntime/options.go +++ b/service/sagemakera2iruntime/options.go @@ -5,6 +5,7 @@ package sagemakera2iruntime import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/sagemakeredge/api_client.go b/service/sagemakeredge/api_client.go index 53d9a9ae983..334f7775529 100644 --- a/service/sagemakeredge/api_client.go +++ b/service/sagemakeredge/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/sagemakeredge/auth.go b/service/sagemakeredge/auth.go index 9c4e8e7e115..ada31d99dc7 100644 --- a/service/sagemakeredge/auth.go +++ b/service/sagemakeredge/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/sagemakeredge/endpoints.go b/service/sagemakeredge/endpoints.go index 3d2aa5c1826..6883a45b8af 100644 --- a/service/sagemakeredge/endpoints.go +++ b/service/sagemakeredge/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/sagemakeredge/options.go b/service/sagemakeredge/options.go index 91509de4fe0..25cb919f19b 100644 --- a/service/sagemakeredge/options.go +++ b/service/sagemakeredge/options.go @@ -5,6 +5,7 @@ package sagemakeredge import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/sagemakerfeaturestoreruntime/api_client.go b/service/sagemakerfeaturestoreruntime/api_client.go index ad3781ce93b..fc40efeeee2 100644 --- a/service/sagemakerfeaturestoreruntime/api_client.go +++ b/service/sagemakerfeaturestoreruntime/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/sagemakerfeaturestoreruntime/auth.go b/service/sagemakerfeaturestoreruntime/auth.go index 54e82e81895..2e8ed089bf7 100644 --- a/service/sagemakerfeaturestoreruntime/auth.go +++ b/service/sagemakerfeaturestoreruntime/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/sagemakerfeaturestoreruntime/endpoints.go b/service/sagemakerfeaturestoreruntime/endpoints.go index d0ec1a7a46e..656919116ec 100644 --- a/service/sagemakerfeaturestoreruntime/endpoints.go +++ b/service/sagemakerfeaturestoreruntime/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/sagemakerfeaturestoreruntime/options.go b/service/sagemakerfeaturestoreruntime/options.go index 504b6807183..57be78d181b 100644 --- a/service/sagemakerfeaturestoreruntime/options.go +++ b/service/sagemakerfeaturestoreruntime/options.go @@ -5,6 +5,7 @@ package sagemakerfeaturestoreruntime import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/sagemakergeospatial/api_client.go b/service/sagemakergeospatial/api_client.go index b094ba823cb..ba1abfa6110 100644 --- a/service/sagemakergeospatial/api_client.go +++ b/service/sagemakergeospatial/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/sagemakergeospatial/auth.go b/service/sagemakergeospatial/auth.go index 331ff4b0d6d..3090acbaac4 100644 --- a/service/sagemakergeospatial/auth.go +++ b/service/sagemakergeospatial/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/sagemakergeospatial/endpoints.go b/service/sagemakergeospatial/endpoints.go index 04f189f4408..75f35500940 100644 --- a/service/sagemakergeospatial/endpoints.go +++ b/service/sagemakergeospatial/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/sagemakergeospatial/options.go b/service/sagemakergeospatial/options.go index 17a4d3a6fa5..8dfcdc97fbb 100644 --- a/service/sagemakergeospatial/options.go +++ b/service/sagemakergeospatial/options.go @@ -5,6 +5,7 @@ package sagemakergeospatial import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/sagemakermetrics/api_client.go b/service/sagemakermetrics/api_client.go index 15873ccf64a..4f63f655fd8 100644 --- a/service/sagemakermetrics/api_client.go +++ b/service/sagemakermetrics/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/sagemakermetrics/auth.go b/service/sagemakermetrics/auth.go index 8c21d3ecd13..08fe442d499 100644 --- a/service/sagemakermetrics/auth.go +++ b/service/sagemakermetrics/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/sagemakermetrics/endpoints.go b/service/sagemakermetrics/endpoints.go index 69dde480346..4f9900b7d9f 100644 --- a/service/sagemakermetrics/endpoints.go +++ b/service/sagemakermetrics/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/sagemakermetrics/options.go b/service/sagemakermetrics/options.go index 409ab3fa21a..226780bc213 100644 --- a/service/sagemakermetrics/options.go +++ b/service/sagemakermetrics/options.go @@ -5,6 +5,7 @@ package sagemakermetrics import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/sagemakerruntime/api_client.go b/service/sagemakerruntime/api_client.go index 63e26ae23e0..12b15d83a6d 100644 --- a/service/sagemakerruntime/api_client.go +++ b/service/sagemakerruntime/api_client.go @@ -232,15 +232,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/sagemakerruntime/auth.go b/service/sagemakerruntime/auth.go index 70b7740ff98..26ff605426a 100644 --- a/service/sagemakerruntime/auth.go +++ b/service/sagemakerruntime/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/sagemakerruntime/endpoints.go b/service/sagemakerruntime/endpoints.go index c5cc9ef085d..e99945f83ea 100644 --- a/service/sagemakerruntime/endpoints.go +++ b/service/sagemakerruntime/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -477,7 +478,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -506,6 +507,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -516,7 +520,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/sagemakerruntime/options.go b/service/sagemakerruntime/options.go index 30fab8f1581..9a54eafb6a1 100644 --- a/service/sagemakerruntime/options.go +++ b/service/sagemakerruntime/options.go @@ -5,6 +5,7 @@ package sagemakerruntime import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/savingsplans/api_client.go b/service/savingsplans/api_client.go index 378706954f0..f09419f2908 100644 --- a/service/savingsplans/api_client.go +++ b/service/savingsplans/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/savingsplans/auth.go b/service/savingsplans/auth.go index 8cf18855e61..a185366d3c6 100644 --- a/service/savingsplans/auth.go +++ b/service/savingsplans/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/savingsplans/endpoints.go b/service/savingsplans/endpoints.go index 8e8a6bbc0b8..5ccfcd34bcf 100644 --- a/service/savingsplans/endpoints.go +++ b/service/savingsplans/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -474,7 +475,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -503,6 +504,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -513,7 +517,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/savingsplans/options.go b/service/savingsplans/options.go index 0b0576a38f6..10ff61f5d47 100644 --- a/service/savingsplans/options.go +++ b/service/savingsplans/options.go @@ -5,6 +5,7 @@ package savingsplans import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/scheduler/api_client.go b/service/scheduler/api_client.go index 8749fcb0916..c178099c338 100644 --- a/service/scheduler/api_client.go +++ b/service/scheduler/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/scheduler/auth.go b/service/scheduler/auth.go index 6deb1919bb1..55e394ec0be 100644 --- a/service/scheduler/auth.go +++ b/service/scheduler/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/scheduler/endpoints.go b/service/scheduler/endpoints.go index fad8fd156c7..847a35e5a45 100644 --- a/service/scheduler/endpoints.go +++ b/service/scheduler/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/scheduler/options.go b/service/scheduler/options.go index 5258e24cd94..695da6cd40a 100644 --- a/service/scheduler/options.go +++ b/service/scheduler/options.go @@ -5,6 +5,7 @@ package scheduler import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/schemas/api_client.go b/service/schemas/api_client.go index 8a0869fc601..d8d61657986 100644 --- a/service/schemas/api_client.go +++ b/service/schemas/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/schemas/auth.go b/service/schemas/auth.go index 482e04c18cd..83688f789cd 100644 --- a/service/schemas/auth.go +++ b/service/schemas/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/schemas/endpoints.go b/service/schemas/endpoints.go index 500813661f7..3d1601db021 100644 --- a/service/schemas/endpoints.go +++ b/service/schemas/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/schemas/options.go b/service/schemas/options.go index 82be4a2bb17..655aaf1c4f5 100644 --- a/service/schemas/options.go +++ b/service/schemas/options.go @@ -5,6 +5,7 @@ package schemas import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/secretsmanager/api_client.go b/service/secretsmanager/api_client.go index 99c25849ba3..042b85f4fba 100644 --- a/service/secretsmanager/api_client.go +++ b/service/secretsmanager/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/secretsmanager/auth.go b/service/secretsmanager/auth.go index ff911710d8d..6e39c4d003f 100644 --- a/service/secretsmanager/auth.go +++ b/service/secretsmanager/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/secretsmanager/endpoints.go b/service/secretsmanager/endpoints.go index 347bcf0d595..1b5704c067c 100644 --- a/service/secretsmanager/endpoints.go +++ b/service/secretsmanager/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -534,7 +535,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -563,6 +564,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -573,7 +577,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/secretsmanager/options.go b/service/secretsmanager/options.go index a8817523e98..4c1b9a0f819 100644 --- a/service/secretsmanager/options.go +++ b/service/secretsmanager/options.go @@ -5,6 +5,7 @@ package secretsmanager import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/securityhub/api_client.go b/service/securityhub/api_client.go index 4f6aefa66c9..1df85cf57b0 100644 --- a/service/securityhub/api_client.go +++ b/service/securityhub/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/securityhub/auth.go b/service/securityhub/auth.go index e0c22d1f710..7d70e230e5f 100644 --- a/service/securityhub/auth.go +++ b/service/securityhub/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/securityhub/endpoints.go b/service/securityhub/endpoints.go index 12519f0f80e..f04486dd4cd 100644 --- a/service/securityhub/endpoints.go +++ b/service/securityhub/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/securityhub/options.go b/service/securityhub/options.go index ac4e7ec6d08..6b86e64006f 100644 --- a/service/securityhub/options.go +++ b/service/securityhub/options.go @@ -5,6 +5,7 @@ package securityhub import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/securitylake/api_client.go b/service/securitylake/api_client.go index cbf658d2388..4e3371a642e 100644 --- a/service/securitylake/api_client.go +++ b/service/securitylake/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/securitylake/auth.go b/service/securitylake/auth.go index 9dd7760a79f..410df8b7831 100644 --- a/service/securitylake/auth.go +++ b/service/securitylake/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/securitylake/endpoints.go b/service/securitylake/endpoints.go index 1e5a3c0310e..a625f004a61 100644 --- a/service/securitylake/endpoints.go +++ b/service/securitylake/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/securitylake/options.go b/service/securitylake/options.go index 0e1d88c8a88..53a9a2d0ddb 100644 --- a/service/securitylake/options.go +++ b/service/securitylake/options.go @@ -5,6 +5,7 @@ package securitylake import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/serverlessapplicationrepository/api_client.go b/service/serverlessapplicationrepository/api_client.go index ade485b2d12..b5c783ccd7c 100644 --- a/service/serverlessapplicationrepository/api_client.go +++ b/service/serverlessapplicationrepository/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/serverlessapplicationrepository/auth.go b/service/serverlessapplicationrepository/auth.go index ebd835f7958..5ab80392b7a 100644 --- a/service/serverlessapplicationrepository/auth.go +++ b/service/serverlessapplicationrepository/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/serverlessapplicationrepository/endpoints.go b/service/serverlessapplicationrepository/endpoints.go index 9ab530aa066..d36ed61d0cf 100644 --- a/service/serverlessapplicationrepository/endpoints.go +++ b/service/serverlessapplicationrepository/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -458,7 +459,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -487,6 +488,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/serverlessapplicationrepository/options.go b/service/serverlessapplicationrepository/options.go index be06d23b895..97447c81449 100644 --- a/service/serverlessapplicationrepository/options.go +++ b/service/serverlessapplicationrepository/options.go @@ -5,6 +5,7 @@ package serverlessapplicationrepository import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/servicecatalog/api_client.go b/service/servicecatalog/api_client.go index 014a8d75ff7..1902f9f0b77 100644 --- a/service/servicecatalog/api_client.go +++ b/service/servicecatalog/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/servicecatalog/auth.go b/service/servicecatalog/auth.go index b524f9eb0c5..a0cb682c40b 100644 --- a/service/servicecatalog/auth.go +++ b/service/servicecatalog/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/servicecatalog/endpoints.go b/service/servicecatalog/endpoints.go index 84fe4a0c737..1a2798934a5 100644 --- a/service/servicecatalog/endpoints.go +++ b/service/servicecatalog/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/servicecatalog/options.go b/service/servicecatalog/options.go index a7ded309f4c..ec5080f7731 100644 --- a/service/servicecatalog/options.go +++ b/service/servicecatalog/options.go @@ -5,6 +5,7 @@ package servicecatalog import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/servicecatalogappregistry/api_client.go b/service/servicecatalogappregistry/api_client.go index 601a061cf53..8383514c4ed 100644 --- a/service/servicecatalogappregistry/api_client.go +++ b/service/servicecatalogappregistry/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/servicecatalogappregistry/auth.go b/service/servicecatalogappregistry/auth.go index 9be5e3dd121..12e794e99f7 100644 --- a/service/servicecatalogappregistry/auth.go +++ b/service/servicecatalogappregistry/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/servicecatalogappregistry/endpoints.go b/service/servicecatalogappregistry/endpoints.go index f5146673933..a035edaa6e9 100644 --- a/service/servicecatalogappregistry/endpoints.go +++ b/service/servicecatalogappregistry/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -458,7 +459,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -487,6 +488,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/servicecatalogappregistry/options.go b/service/servicecatalogappregistry/options.go index 73733a6f550..3572e32ca0c 100644 --- a/service/servicecatalogappregistry/options.go +++ b/service/servicecatalogappregistry/options.go @@ -5,6 +5,7 @@ package servicecatalogappregistry import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/servicediscovery/api_client.go b/service/servicediscovery/api_client.go index 14b734ac9bd..862904c2e17 100644 --- a/service/servicediscovery/api_client.go +++ b/service/servicediscovery/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/servicediscovery/auth.go b/service/servicediscovery/auth.go index d5461ba4751..725667002b7 100644 --- a/service/servicediscovery/auth.go +++ b/service/servicediscovery/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/servicediscovery/endpoints.go b/service/servicediscovery/endpoints.go index a00cf7b7df4..d20fb44782a 100644 --- a/service/servicediscovery/endpoints.go +++ b/service/servicediscovery/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -496,7 +497,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -525,6 +526,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -535,7 +539,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/servicediscovery/options.go b/service/servicediscovery/options.go index 340a4980aa2..1f02680fa6b 100644 --- a/service/servicediscovery/options.go +++ b/service/servicediscovery/options.go @@ -5,6 +5,7 @@ package servicediscovery import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/servicequotas/api_client.go b/service/servicequotas/api_client.go index 88ffac5cb6c..70870fe4e8e 100644 --- a/service/servicequotas/api_client.go +++ b/service/servicequotas/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/servicequotas/auth.go b/service/servicequotas/auth.go index ceed199dc8f..a8810b1ec92 100644 --- a/service/servicequotas/auth.go +++ b/service/servicequotas/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/servicequotas/endpoints.go b/service/servicequotas/endpoints.go index 8c9177c6305..d5d969f3645 100644 --- a/service/servicequotas/endpoints.go +++ b/service/servicequotas/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -458,7 +459,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -487,6 +488,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/servicequotas/options.go b/service/servicequotas/options.go index fb84fcd2073..c0ced9993d0 100644 --- a/service/servicequotas/options.go +++ b/service/servicequotas/options.go @@ -5,6 +5,7 @@ package servicequotas import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ses/api_client.go b/service/ses/api_client.go index d8f0eef5b57..85f5153eab8 100644 --- a/service/ses/api_client.go +++ b/service/ses/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/ses/auth.go b/service/ses/auth.go index d8b13cc7ba2..fe07bb1a7aa 100644 --- a/service/ses/auth.go +++ b/service/ses/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ses/endpoints.go b/service/ses/endpoints.go index 9996efb86e7..378a6aca667 100644 --- a/service/ses/endpoints.go +++ b/service/ses/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ses/options.go b/service/ses/options.go index 4228f8c9284..c44ee3b4b27 100644 --- a/service/ses/options.go +++ b/service/ses/options.go @@ -5,6 +5,7 @@ package ses import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/sesv2/api_client.go b/service/sesv2/api_client.go index 07eee0aa560..6472a5cf920 100644 --- a/service/sesv2/api_client.go +++ b/service/sesv2/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/sesv2/auth.go b/service/sesv2/auth.go index 394c55f4eb3..a6c802789bc 100644 --- a/service/sesv2/auth.go +++ b/service/sesv2/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/sesv2/endpoints.go b/service/sesv2/endpoints.go index d5ef5240c72..bc8157fa61c 100644 --- a/service/sesv2/endpoints.go +++ b/service/sesv2/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/sesv2/options.go b/service/sesv2/options.go index 8c495a0a7bc..cebe05b2d4f 100644 --- a/service/sesv2/options.go +++ b/service/sesv2/options.go @@ -5,6 +5,7 @@ package sesv2 import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/sfn/api_client.go b/service/sfn/api_client.go index 2d0e82da400..c2529cd96ce 100644 --- a/service/sfn/api_client.go +++ b/service/sfn/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/sfn/auth.go b/service/sfn/auth.go index 1322e8d24ba..65c92ae2d28 100644 --- a/service/sfn/auth.go +++ b/service/sfn/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/sfn/endpoints.go b/service/sfn/endpoints.go index 3fa62e78d19..d126551883c 100644 --- a/service/sfn/endpoints.go +++ b/service/sfn/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -452,7 +453,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -481,6 +482,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -491,7 +495,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/sfn/options.go b/service/sfn/options.go index dd620811879..2c0151a4f41 100644 --- a/service/sfn/options.go +++ b/service/sfn/options.go @@ -5,6 +5,7 @@ package sfn import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/shield/api_client.go b/service/shield/api_client.go index 521f9b352fa..93d9de51a20 100644 --- a/service/shield/api_client.go +++ b/service/shield/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/shield/auth.go b/service/shield/auth.go index 153d4e905cf..589f97d43e3 100644 --- a/service/shield/auth.go +++ b/service/shield/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/shield/endpoints.go b/service/shield/endpoints.go index 8a6f9e38aa2..9f808b15c6d 100644 --- a/service/shield/endpoints.go +++ b/service/shield/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -508,7 +509,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -537,6 +538,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -547,7 +551,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/shield/options.go b/service/shield/options.go index 7bcfe299f36..be473a280ba 100644 --- a/service/shield/options.go +++ b/service/shield/options.go @@ -5,6 +5,7 @@ package shield import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/signer/api_client.go b/service/signer/api_client.go index d4eaba85662..d01193200cf 100644 --- a/service/signer/api_client.go +++ b/service/signer/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/signer/auth.go b/service/signer/auth.go index 873472ff6c1..9405b6e607b 100644 --- a/service/signer/auth.go +++ b/service/signer/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/signer/endpoints.go b/service/signer/endpoints.go index e4dbaa11f14..66ccffd7160 100644 --- a/service/signer/endpoints.go +++ b/service/signer/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/signer/options.go b/service/signer/options.go index 5b89a761c1f..d1969254939 100644 --- a/service/signer/options.go +++ b/service/signer/options.go @@ -5,6 +5,7 @@ package signer import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/simspaceweaver/api_client.go b/service/simspaceweaver/api_client.go index bd91384e232..4f5f2b7cf50 100644 --- a/service/simspaceweaver/api_client.go +++ b/service/simspaceweaver/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/simspaceweaver/auth.go b/service/simspaceweaver/auth.go index 13155737ce6..b46bfad9f84 100644 --- a/service/simspaceweaver/auth.go +++ b/service/simspaceweaver/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/simspaceweaver/endpoints.go b/service/simspaceweaver/endpoints.go index 685fa035ecb..cb1cd33d43f 100644 --- a/service/simspaceweaver/endpoints.go +++ b/service/simspaceweaver/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/simspaceweaver/options.go b/service/simspaceweaver/options.go index 658f08ee598..6d04c4d2f8f 100644 --- a/service/simspaceweaver/options.go +++ b/service/simspaceweaver/options.go @@ -5,6 +5,7 @@ package simspaceweaver import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/sms/api_client.go b/service/sms/api_client.go index 6dc843ea16b..4aa35247c09 100644 --- a/service/sms/api_client.go +++ b/service/sms/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/sms/auth.go b/service/sms/auth.go index 3409c153804..e6853e797d7 100644 --- a/service/sms/auth.go +++ b/service/sms/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/sms/endpoints.go b/service/sms/endpoints.go index dc2547cdf33..e09e8d362c5 100644 --- a/service/sms/endpoints.go +++ b/service/sms/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/sms/options.go b/service/sms/options.go index e664fe1ab67..d6b75a64b76 100644 --- a/service/sms/options.go +++ b/service/sms/options.go @@ -5,6 +5,7 @@ package sms import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/snowball/api_client.go b/service/snowball/api_client.go index cc3db20eeae..1410ebc1b50 100644 --- a/service/snowball/api_client.go +++ b/service/snowball/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/snowball/auth.go b/service/snowball/auth.go index 51a68ca8409..dc9d8df3ebf 100644 --- a/service/snowball/auth.go +++ b/service/snowball/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/snowball/endpoints.go b/service/snowball/endpoints.go index a16be2260d3..8178baec0c9 100644 --- a/service/snowball/endpoints.go +++ b/service/snowball/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/snowball/options.go b/service/snowball/options.go index 6a2215c6ee6..b98f6709f7b 100644 --- a/service/snowball/options.go +++ b/service/snowball/options.go @@ -5,6 +5,7 @@ package snowball import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/snowdevicemanagement/api_client.go b/service/snowdevicemanagement/api_client.go index 82c9c24d13f..9e5eed5d303 100644 --- a/service/snowdevicemanagement/api_client.go +++ b/service/snowdevicemanagement/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/snowdevicemanagement/auth.go b/service/snowdevicemanagement/auth.go index 49885783d79..fa208b85bab 100644 --- a/service/snowdevicemanagement/auth.go +++ b/service/snowdevicemanagement/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/snowdevicemanagement/endpoints.go b/service/snowdevicemanagement/endpoints.go index 7794ab1d240..e47a9d01f7a 100644 --- a/service/snowdevicemanagement/endpoints.go +++ b/service/snowdevicemanagement/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/snowdevicemanagement/options.go b/service/snowdevicemanagement/options.go index a23aaa58de7..9cdd2e98902 100644 --- a/service/snowdevicemanagement/options.go +++ b/service/snowdevicemanagement/options.go @@ -5,6 +5,7 @@ package snowdevicemanagement import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/sns/api_client.go b/service/sns/api_client.go index f9f49a4a169..dca5b1975c6 100644 --- a/service/sns/api_client.go +++ b/service/sns/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/sns/auth.go b/service/sns/auth.go index 136bcc44ccc..21216a84156 100644 --- a/service/sns/auth.go +++ b/service/sns/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/sns/endpoints.go b/service/sns/endpoints.go index 57a5d562876..b4b1ee018d0 100644 --- a/service/sns/endpoints.go +++ b/service/sns/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -465,7 +466,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -494,6 +495,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -504,7 +508,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/sns/options.go b/service/sns/options.go index 164bc9fd80b..f935b6a2000 100644 --- a/service/sns/options.go +++ b/service/sns/options.go @@ -5,6 +5,7 @@ package sns import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/sqs/api_client.go b/service/sqs/api_client.go index 078e5a039b1..ae0c312c650 100644 --- a/service/sqs/api_client.go +++ b/service/sqs/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/sqs/auth.go b/service/sqs/auth.go index 22607b3fb91..20689338a6b 100644 --- a/service/sqs/auth.go +++ b/service/sqs/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/sqs/endpoints.go b/service/sqs/endpoints.go index 4f9a68efbbe..4bb4acf0a5f 100644 --- a/service/sqs/endpoints.go +++ b/service/sqs/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -458,7 +459,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -487,6 +488,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/sqs/options.go b/service/sqs/options.go index ce3b7c08a4f..0b3c0e327a7 100644 --- a/service/sqs/options.go +++ b/service/sqs/options.go @@ -5,6 +5,7 @@ package sqs import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ssm/api_client.go b/service/ssm/api_client.go index 973f468d6cc..ca54f27adc9 100644 --- a/service/ssm/api_client.go +++ b/service/ssm/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/ssm/auth.go b/service/ssm/auth.go index bad85d052dc..c811c25229f 100644 --- a/service/ssm/auth.go +++ b/service/ssm/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ssm/endpoints.go b/service/ssm/endpoints.go index 4cd4e2f7005..e015299eddf 100644 --- a/service/ssm/endpoints.go +++ b/service/ssm/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -458,7 +459,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -487,6 +488,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ssm/options.go b/service/ssm/options.go index 197dfd32601..afa9b6b9a98 100644 --- a/service/ssm/options.go +++ b/service/ssm/options.go @@ -5,6 +5,7 @@ package ssm import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ssmcontacts/api_client.go b/service/ssmcontacts/api_client.go index 2d5df6a118c..eefb97f5ae6 100644 --- a/service/ssmcontacts/api_client.go +++ b/service/ssmcontacts/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/ssmcontacts/auth.go b/service/ssmcontacts/auth.go index 09b1868c310..c53c93b4d4e 100644 --- a/service/ssmcontacts/auth.go +++ b/service/ssmcontacts/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ssmcontacts/endpoints.go b/service/ssmcontacts/endpoints.go index b10d9225b07..4d693fdbb06 100644 --- a/service/ssmcontacts/endpoints.go +++ b/service/ssmcontacts/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ssmcontacts/options.go b/service/ssmcontacts/options.go index 33962843fa0..fd0a250b7f7 100644 --- a/service/ssmcontacts/options.go +++ b/service/ssmcontacts/options.go @@ -5,6 +5,7 @@ package ssmcontacts import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ssmincidents/api_client.go b/service/ssmincidents/api_client.go index 051d9b9ec25..e04be26b2e5 100644 --- a/service/ssmincidents/api_client.go +++ b/service/ssmincidents/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/ssmincidents/auth.go b/service/ssmincidents/auth.go index 6ea64afa132..f6a2c922170 100644 --- a/service/ssmincidents/auth.go +++ b/service/ssmincidents/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ssmincidents/endpoints.go b/service/ssmincidents/endpoints.go index b53257d9c7d..81187cebe3c 100644 --- a/service/ssmincidents/endpoints.go +++ b/service/ssmincidents/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ssmincidents/options.go b/service/ssmincidents/options.go index 4e460d6bae7..2a4f40e54b6 100644 --- a/service/ssmincidents/options.go +++ b/service/ssmincidents/options.go @@ -5,6 +5,7 @@ package ssmincidents import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ssmsap/api_client.go b/service/ssmsap/api_client.go index 9fa396085f0..03f2c226721 100644 --- a/service/ssmsap/api_client.go +++ b/service/ssmsap/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/ssmsap/auth.go b/service/ssmsap/auth.go index 97794fe045c..a2ad83a190c 100644 --- a/service/ssmsap/auth.go +++ b/service/ssmsap/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ssmsap/endpoints.go b/service/ssmsap/endpoints.go index 88aa38c01f2..961050017b2 100644 --- a/service/ssmsap/endpoints.go +++ b/service/ssmsap/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ssmsap/options.go b/service/ssmsap/options.go index 5d87320d021..2efd232711a 100644 --- a/service/ssmsap/options.go +++ b/service/ssmsap/options.go @@ -5,6 +5,7 @@ package ssmsap import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/sso/api_client.go b/service/sso/api_client.go index e439699253b..c5095f458fa 100644 --- a/service/sso/api_client.go +++ b/service/sso/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/sso/auth.go b/service/sso/auth.go index 3b28e825dd0..d574fed9b10 100644 --- a/service/sso/auth.go +++ b/service/sso/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -169,7 +169,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/sso/endpoints.go b/service/sso/endpoints.go index d31380cf283..e0a3d716ec3 100644 --- a/service/sso/endpoints.go +++ b/service/sso/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -458,7 +459,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -487,6 +488,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/sso/options.go b/service/sso/options.go index 5dee7e53f47..9cdd5b797f5 100644 --- a/service/sso/options.go +++ b/service/sso/options.go @@ -5,6 +5,7 @@ package sso import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ssoadmin/api_client.go b/service/ssoadmin/api_client.go index 55a0d66be7d..139c27ab167 100644 --- a/service/ssoadmin/api_client.go +++ b/service/ssoadmin/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/ssoadmin/auth.go b/service/ssoadmin/auth.go index 1e646df3446..5a618ac3293 100644 --- a/service/ssoadmin/auth.go +++ b/service/ssoadmin/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ssoadmin/endpoints.go b/service/ssoadmin/endpoints.go index 97ab01ada72..07ea4c937a7 100644 --- a/service/ssoadmin/endpoints.go +++ b/service/ssoadmin/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -458,7 +459,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -487,6 +488,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ssoadmin/options.go b/service/ssoadmin/options.go index 19a73da494a..8a44007985e 100644 --- a/service/ssoadmin/options.go +++ b/service/ssoadmin/options.go @@ -5,6 +5,7 @@ package ssoadmin import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ssooidc/api_client.go b/service/ssooidc/api_client.go index fed0897390b..6c02a4e091f 100644 --- a/service/ssooidc/api_client.go +++ b/service/ssooidc/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/ssooidc/auth.go b/service/ssooidc/auth.go index 40b3becb9f2..ecb841f2686 100644 --- a/service/ssooidc/auth.go +++ b/service/ssooidc/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -163,7 +163,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ssooidc/endpoints.go b/service/ssooidc/endpoints.go index 85b87089026..2eec8c2ce31 100644 --- a/service/ssooidc/endpoints.go +++ b/service/ssooidc/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -458,7 +459,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -487,6 +488,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ssooidc/options.go b/service/ssooidc/options.go index b964e7e1090..841e61d60d7 100644 --- a/service/ssooidc/options.go +++ b/service/ssooidc/options.go @@ -5,6 +5,7 @@ package ssooidc import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/storagegateway/api_client.go b/service/storagegateway/api_client.go index 63cd7792ecb..a29c8dd25ae 100644 --- a/service/storagegateway/api_client.go +++ b/service/storagegateway/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/storagegateway/auth.go b/service/storagegateway/auth.go index d269b16dcfe..5776f0da0e7 100644 --- a/service/storagegateway/auth.go +++ b/service/storagegateway/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/storagegateway/endpoints.go b/service/storagegateway/endpoints.go index 037dfd38855..74245959d4f 100644 --- a/service/storagegateway/endpoints.go +++ b/service/storagegateway/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/storagegateway/options.go b/service/storagegateway/options.go index 56242643334..e4a1083a6ee 100644 --- a/service/storagegateway/options.go +++ b/service/storagegateway/options.go @@ -5,6 +5,7 @@ package storagegateway import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/sts/api_client.go b/service/sts/api_client.go index 369de83b8bc..4b7cb065a54 100644 --- a/service/sts/api_client.go +++ b/service/sts/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/sts/auth.go b/service/sts/auth.go index 9db5bfd4348..e20b3be850c 100644 --- a/service/sts/auth.go +++ b/service/sts/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -157,7 +157,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/sts/endpoints.go b/service/sts/endpoints.go index 9f7932f9a06..ff586fda634 100644 --- a/service/sts/endpoints.go +++ b/service/sts/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -1038,7 +1039,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -1067,6 +1068,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -1077,7 +1081,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/sts/options.go b/service/sts/options.go index 5c1be79f8c0..03e67beeb6f 100644 --- a/service/sts/options.go +++ b/service/sts/options.go @@ -5,6 +5,7 @@ package sts import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/support/api_client.go b/service/support/api_client.go index 26c69a172e5..5c6e7a80b62 100644 --- a/service/support/api_client.go +++ b/service/support/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/support/auth.go b/service/support/auth.go index f0e15a2b911..7b975565753 100644 --- a/service/support/auth.go +++ b/service/support/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/support/endpoints.go b/service/support/endpoints.go index 78320a6dea0..9c818675a8b 100644 --- a/service/support/endpoints.go +++ b/service/support/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -610,7 +611,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -639,6 +640,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -649,7 +653,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/support/options.go b/service/support/options.go index 69b1659dd46..5dff19a353a 100644 --- a/service/support/options.go +++ b/service/support/options.go @@ -5,6 +5,7 @@ package support import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/supportapp/api_client.go b/service/supportapp/api_client.go index 6c07bd2471d..fd954721db4 100644 --- a/service/supportapp/api_client.go +++ b/service/supportapp/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/supportapp/auth.go b/service/supportapp/auth.go index 92a79c6d6c2..4baed168af6 100644 --- a/service/supportapp/auth.go +++ b/service/supportapp/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/supportapp/endpoints.go b/service/supportapp/endpoints.go index 463f926d78c..9b2697330c3 100644 --- a/service/supportapp/endpoints.go +++ b/service/supportapp/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/supportapp/options.go b/service/supportapp/options.go index 673b81f421e..62cb36c77c4 100644 --- a/service/supportapp/options.go +++ b/service/supportapp/options.go @@ -5,6 +5,7 @@ package supportapp import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/swf/api_client.go b/service/swf/api_client.go index 5c96e1b3b7b..1483f9e96a2 100644 --- a/service/swf/api_client.go +++ b/service/swf/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/swf/auth.go b/service/swf/auth.go index a65f2703925..32987e77cc2 100644 --- a/service/swf/auth.go +++ b/service/swf/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/swf/endpoints.go b/service/swf/endpoints.go index 3ce4e00f7d0..1708c94a0fb 100644 --- a/service/swf/endpoints.go +++ b/service/swf/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -458,7 +459,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -487,6 +488,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/swf/options.go b/service/swf/options.go index bdd7ae4f100..3cb6d307752 100644 --- a/service/swf/options.go +++ b/service/swf/options.go @@ -5,6 +5,7 @@ package swf import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/synthetics/api_client.go b/service/synthetics/api_client.go index d4e227181a1..8e5936d6bce 100644 --- a/service/synthetics/api_client.go +++ b/service/synthetics/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/synthetics/auth.go b/service/synthetics/auth.go index e4c639e0d5b..9fb86541dee 100644 --- a/service/synthetics/auth.go +++ b/service/synthetics/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/synthetics/endpoints.go b/service/synthetics/endpoints.go index a06c0238657..c6c5191c6c5 100644 --- a/service/synthetics/endpoints.go +++ b/service/synthetics/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/synthetics/options.go b/service/synthetics/options.go index 58706c4623f..4fda82a51e3 100644 --- a/service/synthetics/options.go +++ b/service/synthetics/options.go @@ -5,6 +5,7 @@ package synthetics import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/textract/api_client.go b/service/textract/api_client.go index 396aa5e859a..e30a006a4ed 100644 --- a/service/textract/api_client.go +++ b/service/textract/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/textract/auth.go b/service/textract/auth.go index 84f5509736d..b4596a38b0a 100644 --- a/service/textract/auth.go +++ b/service/textract/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/textract/endpoints.go b/service/textract/endpoints.go index a269fce1fe4..719f07231d5 100644 --- a/service/textract/endpoints.go +++ b/service/textract/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/textract/options.go b/service/textract/options.go index 3196d15dc46..74deb331087 100644 --- a/service/textract/options.go +++ b/service/textract/options.go @@ -5,6 +5,7 @@ package textract import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/timestreamquery/api_client.go b/service/timestreamquery/api_client.go index 38d59291619..e271e125355 100644 --- a/service/timestreamquery/api_client.go +++ b/service/timestreamquery/api_client.go @@ -244,15 +244,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/timestreamquery/auth.go b/service/timestreamquery/auth.go index 2465a26d10d..294027f6299 100644 --- a/service/timestreamquery/auth.go +++ b/service/timestreamquery/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/timestreamquery/endpoints.go b/service/timestreamquery/endpoints.go index a51df9d2afe..66d2afbec82 100644 --- a/service/timestreamquery/endpoints.go +++ b/service/timestreamquery/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/timestreamquery/options.go b/service/timestreamquery/options.go index 63731806d26..1503054bc80 100644 --- a/service/timestreamquery/options.go +++ b/service/timestreamquery/options.go @@ -5,6 +5,7 @@ package timestreamquery import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/timestreamwrite/api_client.go b/service/timestreamwrite/api_client.go index 9faa3c21310..0fd878f9bc8 100644 --- a/service/timestreamwrite/api_client.go +++ b/service/timestreamwrite/api_client.go @@ -244,15 +244,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/timestreamwrite/auth.go b/service/timestreamwrite/auth.go index 60a82021688..08c2a877035 100644 --- a/service/timestreamwrite/auth.go +++ b/service/timestreamwrite/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/timestreamwrite/endpoints.go b/service/timestreamwrite/endpoints.go index 59271f0e4b5..d6c79e921fd 100644 --- a/service/timestreamwrite/endpoints.go +++ b/service/timestreamwrite/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -458,7 +459,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -487,6 +488,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/timestreamwrite/options.go b/service/timestreamwrite/options.go index d5fe7e8d723..d393f59f8cb 100644 --- a/service/timestreamwrite/options.go +++ b/service/timestreamwrite/options.go @@ -5,6 +5,7 @@ package timestreamwrite import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/tnb/api_client.go b/service/tnb/api_client.go index 19c5b75c2c4..1d0713bbd8e 100644 --- a/service/tnb/api_client.go +++ b/service/tnb/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/tnb/auth.go b/service/tnb/auth.go index 1da0161e821..83533426e06 100644 --- a/service/tnb/auth.go +++ b/service/tnb/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/tnb/endpoints.go b/service/tnb/endpoints.go index bd23bb12baf..0a8761cf620 100644 --- a/service/tnb/endpoints.go +++ b/service/tnb/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/tnb/options.go b/service/tnb/options.go index 8c585deba7a..af299bb0c6f 100644 --- a/service/tnb/options.go +++ b/service/tnb/options.go @@ -5,6 +5,7 @@ package tnb import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/transcribe/api_client.go b/service/transcribe/api_client.go index b4bba7691f9..c980439724a 100644 --- a/service/transcribe/api_client.go +++ b/service/transcribe/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/transcribe/auth.go b/service/transcribe/auth.go index 1c7d78b943b..75474c0b586 100644 --- a/service/transcribe/auth.go +++ b/service/transcribe/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/transcribe/endpoints.go b/service/transcribe/endpoints.go index 8b57b310855..871c71fc5a1 100644 --- a/service/transcribe/endpoints.go +++ b/service/transcribe/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -503,7 +504,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -532,6 +533,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -542,7 +546,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/transcribe/options.go b/service/transcribe/options.go index 6960421abe6..b4282d1d0f4 100644 --- a/service/transcribe/options.go +++ b/service/transcribe/options.go @@ -5,6 +5,7 @@ package transcribe import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/transcribestreaming/api_client.go b/service/transcribestreaming/api_client.go index f051ff0f631..c79eef39857 100644 --- a/service/transcribestreaming/api_client.go +++ b/service/transcribestreaming/api_client.go @@ -232,15 +232,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/transcribestreaming/auth.go b/service/transcribestreaming/auth.go index 2fe6c8b9f3d..1db9c2c4fa4 100644 --- a/service/transcribestreaming/auth.go +++ b/service/transcribestreaming/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/transcribestreaming/endpoints.go b/service/transcribestreaming/endpoints.go index 09dc0517777..d1b0b8db17a 100644 --- a/service/transcribestreaming/endpoints.go +++ b/service/transcribestreaming/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/transcribestreaming/options.go b/service/transcribestreaming/options.go index 29197d36f90..8131ecd5afa 100644 --- a/service/transcribestreaming/options.go +++ b/service/transcribestreaming/options.go @@ -5,6 +5,7 @@ package transcribestreaming import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/transfer/api_client.go b/service/transfer/api_client.go index 1c62f466764..a0c776fa08d 100644 --- a/service/transfer/api_client.go +++ b/service/transfer/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/transfer/auth.go b/service/transfer/auth.go index 95de6b8fd2c..26d73de17f8 100644 --- a/service/transfer/auth.go +++ b/service/transfer/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/transfer/endpoints.go b/service/transfer/endpoints.go index 59ae020d821..ade877b3a0b 100644 --- a/service/transfer/endpoints.go +++ b/service/transfer/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/transfer/options.go b/service/transfer/options.go index d78c3b1b72c..b3cc5d2ca34 100644 --- a/service/transfer/options.go +++ b/service/transfer/options.go @@ -5,6 +5,7 @@ package transfer import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/translate/api_client.go b/service/translate/api_client.go index 146d04c4aaf..bece2c12790 100644 --- a/service/translate/api_client.go +++ b/service/translate/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/translate/auth.go b/service/translate/auth.go index f791a4e28e4..d56c37d8345 100644 --- a/service/translate/auth.go +++ b/service/translate/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/translate/endpoints.go b/service/translate/endpoints.go index 94affb07744..95eae110dcd 100644 --- a/service/translate/endpoints.go +++ b/service/translate/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/translate/options.go b/service/translate/options.go index 2ce6b77d68d..b6e740daab1 100644 --- a/service/translate/options.go +++ b/service/translate/options.go @@ -5,6 +5,7 @@ package translate import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/trustedadvisor/api_client.go b/service/trustedadvisor/api_client.go index 599b9cc5576..a3c3ee4f316 100644 --- a/service/trustedadvisor/api_client.go +++ b/service/trustedadvisor/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/trustedadvisor/auth.go b/service/trustedadvisor/auth.go index 9cb3a4bb1c9..67a9590deea 100644 --- a/service/trustedadvisor/auth.go +++ b/service/trustedadvisor/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/trustedadvisor/endpoints.go b/service/trustedadvisor/endpoints.go index 0b0a40d85c8..626e98680b7 100644 --- a/service/trustedadvisor/endpoints.go +++ b/service/trustedadvisor/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/trustedadvisor/options.go b/service/trustedadvisor/options.go index 4114ac3e216..448aa21b4d8 100644 --- a/service/trustedadvisor/options.go +++ b/service/trustedadvisor/options.go @@ -5,6 +5,7 @@ package trustedadvisor import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/verifiedpermissions/api_client.go b/service/verifiedpermissions/api_client.go index ff4a9917886..1873f98302d 100644 --- a/service/verifiedpermissions/api_client.go +++ b/service/verifiedpermissions/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/verifiedpermissions/auth.go b/service/verifiedpermissions/auth.go index 540779edade..3f93b4a6033 100644 --- a/service/verifiedpermissions/auth.go +++ b/service/verifiedpermissions/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/verifiedpermissions/endpoints.go b/service/verifiedpermissions/endpoints.go index 4e7b394938f..4641f8af287 100644 --- a/service/verifiedpermissions/endpoints.go +++ b/service/verifiedpermissions/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/verifiedpermissions/options.go b/service/verifiedpermissions/options.go index d31ad4c9c98..919014b294e 100644 --- a/service/verifiedpermissions/options.go +++ b/service/verifiedpermissions/options.go @@ -5,6 +5,7 @@ package verifiedpermissions import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/voiceid/api_client.go b/service/voiceid/api_client.go index 5c0c7c63fa6..f543e8afd8c 100644 --- a/service/voiceid/api_client.go +++ b/service/voiceid/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/voiceid/auth.go b/service/voiceid/auth.go index c5f2ae669c6..7fde10e24f8 100644 --- a/service/voiceid/auth.go +++ b/service/voiceid/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/voiceid/endpoints.go b/service/voiceid/endpoints.go index 4132bd0020f..3dbaf25c40a 100644 --- a/service/voiceid/endpoints.go +++ b/service/voiceid/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/voiceid/options.go b/service/voiceid/options.go index cb30aaf68fc..81b5c73454f 100644 --- a/service/voiceid/options.go +++ b/service/voiceid/options.go @@ -5,6 +5,7 @@ package voiceid import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/vpclattice/api_client.go b/service/vpclattice/api_client.go index c860cb1cc15..f2d2d101d04 100644 --- a/service/vpclattice/api_client.go +++ b/service/vpclattice/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/vpclattice/auth.go b/service/vpclattice/auth.go index 4fa45714d18..bb66c509f11 100644 --- a/service/vpclattice/auth.go +++ b/service/vpclattice/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/vpclattice/endpoints.go b/service/vpclattice/endpoints.go index acafbf6ac62..bcad1242857 100644 --- a/service/vpclattice/endpoints.go +++ b/service/vpclattice/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/vpclattice/options.go b/service/vpclattice/options.go index 791d3a84876..0c732dce281 100644 --- a/service/vpclattice/options.go +++ b/service/vpclattice/options.go @@ -5,6 +5,7 @@ package vpclattice import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/waf/api_client.go b/service/waf/api_client.go index 0107b47b9d7..eb2a5e2290b 100644 --- a/service/waf/api_client.go +++ b/service/waf/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/waf/auth.go b/service/waf/auth.go index 8d84b8a0f06..4aa413d0a38 100644 --- a/service/waf/auth.go +++ b/service/waf/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/waf/endpoints.go b/service/waf/endpoints.go index d9444a94e41..008ebf7990d 100644 --- a/service/waf/endpoints.go +++ b/service/waf/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -508,7 +509,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -537,6 +538,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -547,7 +551,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/waf/options.go b/service/waf/options.go index 759f9257429..228ff998d33 100644 --- a/service/waf/options.go +++ b/service/waf/options.go @@ -5,6 +5,7 @@ package waf import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/wafregional/api_client.go b/service/wafregional/api_client.go index 2da6ab3bc40..2b83b31d423 100644 --- a/service/wafregional/api_client.go +++ b/service/wafregional/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/wafregional/auth.go b/service/wafregional/auth.go index cb5fa2387ca..26d35ca33a2 100644 --- a/service/wafregional/auth.go +++ b/service/wafregional/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/wafregional/endpoints.go b/service/wafregional/endpoints.go index 23a76094677..11ef4efe5ed 100644 --- a/service/wafregional/endpoints.go +++ b/service/wafregional/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/wafregional/options.go b/service/wafregional/options.go index 8139ebd1ed6..f9c719ef40f 100644 --- a/service/wafregional/options.go +++ b/service/wafregional/options.go @@ -5,6 +5,7 @@ package wafregional import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/wafv2/api_client.go b/service/wafv2/api_client.go index abd5886dd2a..10f9199f4b0 100644 --- a/service/wafv2/api_client.go +++ b/service/wafv2/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/wafv2/auth.go b/service/wafv2/auth.go index 79526df359d..e99f5290592 100644 --- a/service/wafv2/auth.go +++ b/service/wafv2/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/wafv2/endpoints.go b/service/wafv2/endpoints.go index 4bbf22037c4..9247a4f5df9 100644 --- a/service/wafv2/endpoints.go +++ b/service/wafv2/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/wafv2/options.go b/service/wafv2/options.go index 90a71b90531..51891994117 100644 --- a/service/wafv2/options.go +++ b/service/wafv2/options.go @@ -5,6 +5,7 @@ package wafv2 import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/wellarchitected/api_client.go b/service/wellarchitected/api_client.go index 02c2a23882d..2a387825f28 100644 --- a/service/wellarchitected/api_client.go +++ b/service/wellarchitected/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/wellarchitected/auth.go b/service/wellarchitected/auth.go index 23a4124917a..329da8d6f89 100644 --- a/service/wellarchitected/auth.go +++ b/service/wellarchitected/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/wellarchitected/endpoints.go b/service/wellarchitected/endpoints.go index 5a355385166..56096903626 100644 --- a/service/wellarchitected/endpoints.go +++ b/service/wellarchitected/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/wellarchitected/options.go b/service/wellarchitected/options.go index 5b2102017ec..c6a5a901e61 100644 --- a/service/wellarchitected/options.go +++ b/service/wellarchitected/options.go @@ -5,6 +5,7 @@ package wellarchitected import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/wisdom/api_client.go b/service/wisdom/api_client.go index 2cc5c36571e..ed01e982858 100644 --- a/service/wisdom/api_client.go +++ b/service/wisdom/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/wisdom/auth.go b/service/wisdom/auth.go index cc7e3e81155..21da2a24067 100644 --- a/service/wisdom/auth.go +++ b/service/wisdom/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/wisdom/endpoints.go b/service/wisdom/endpoints.go index 528ee8fc173..f9869407e1a 100644 --- a/service/wisdom/endpoints.go +++ b/service/wisdom/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/wisdom/options.go b/service/wisdom/options.go index 5dcadba3b04..ae16ff10997 100644 --- a/service/wisdom/options.go +++ b/service/wisdom/options.go @@ -5,6 +5,7 @@ package wisdom import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/workdocs/api_client.go b/service/workdocs/api_client.go index 836b32180b7..126b5bc77bd 100644 --- a/service/workdocs/api_client.go +++ b/service/workdocs/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/workdocs/auth.go b/service/workdocs/auth.go index 36e28d60a8f..3a558e44720 100644 --- a/service/workdocs/auth.go +++ b/service/workdocs/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/workdocs/endpoints.go b/service/workdocs/endpoints.go index da26b7a8294..c8585c869e8 100644 --- a/service/workdocs/endpoints.go +++ b/service/workdocs/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/workdocs/options.go b/service/workdocs/options.go index df4739d4291..fe7ebfa60fe 100644 --- a/service/workdocs/options.go +++ b/service/workdocs/options.go @@ -5,6 +5,7 @@ package workdocs import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/worklink/api_client.go b/service/worklink/api_client.go index 4a8645683cd..ea71c255541 100644 --- a/service/worklink/api_client.go +++ b/service/worklink/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/worklink/auth.go b/service/worklink/auth.go index 1dca21562bd..f7dedb1e01b 100644 --- a/service/worklink/auth.go +++ b/service/worklink/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/worklink/endpoints.go b/service/worklink/endpoints.go index 4cbe69f70ca..a85c044f1b8 100644 --- a/service/worklink/endpoints.go +++ b/service/worklink/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/worklink/options.go b/service/worklink/options.go index 56b4993937b..d3fda138989 100644 --- a/service/worklink/options.go +++ b/service/worklink/options.go @@ -5,6 +5,7 @@ package worklink import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/workmail/api_client.go b/service/workmail/api_client.go index 746f8625375..37b79bc2f41 100644 --- a/service/workmail/api_client.go +++ b/service/workmail/api_client.go @@ -233,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/workmail/auth.go b/service/workmail/auth.go index 4a967cad3ff..7ea094874bb 100644 --- a/service/workmail/auth.go +++ b/service/workmail/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/workmail/endpoints.go b/service/workmail/endpoints.go index 4de2592b178..4f57c9f8ab9 100644 --- a/service/workmail/endpoints.go +++ b/service/workmail/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/workmail/options.go b/service/workmail/options.go index cb93eca48f2..c2884740323 100644 --- a/service/workmail/options.go +++ b/service/workmail/options.go @@ -5,6 +5,7 @@ package workmail import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/workmailmessageflow/api_client.go b/service/workmailmessageflow/api_client.go index 2a399897e47..024804b5ecb 100644 --- a/service/workmailmessageflow/api_client.go +++ b/service/workmailmessageflow/api_client.go @@ -230,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/workmailmessageflow/auth.go b/service/workmailmessageflow/auth.go index aa173cd2cdf..6d246e3f8fc 100644 --- a/service/workmailmessageflow/auth.go +++ b/service/workmailmessageflow/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/workmailmessageflow/endpoints.go b/service/workmailmessageflow/endpoints.go index cf3a237159b..957c1893283 100644 --- a/service/workmailmessageflow/endpoints.go +++ b/service/workmailmessageflow/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/workmailmessageflow/options.go b/service/workmailmessageflow/options.go index c8cbc66d0ba..934261a2e69 100644 --- a/service/workmailmessageflow/options.go +++ b/service/workmailmessageflow/options.go @@ -5,6 +5,7 @@ package workmailmessageflow import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/workspaces/api_client.go b/service/workspaces/api_client.go index 75bdb930596..e8310a8cdf8 100644 --- a/service/workspaces/api_client.go +++ b/service/workspaces/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/workspaces/auth.go b/service/workspaces/auth.go index b42be4d1fd9..500a0c2f585 100644 --- a/service/workspaces/auth.go +++ b/service/workspaces/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/workspaces/endpoints.go b/service/workspaces/endpoints.go index 69aed03d235..711ffccc3c2 100644 --- a/service/workspaces/endpoints.go +++ b/service/workspaces/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/workspaces/options.go b/service/workspaces/options.go index ba469893f0b..71ae2b2127b 100644 --- a/service/workspaces/options.go +++ b/service/workspaces/options.go @@ -5,6 +5,7 @@ package workspaces import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/workspacesthinclient/api_client.go b/service/workspacesthinclient/api_client.go index 431023ed515..e09b7d367d2 100644 --- a/service/workspacesthinclient/api_client.go +++ b/service/workspacesthinclient/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/workspacesthinclient/auth.go b/service/workspacesthinclient/auth.go index 58483371f89..b7067c0669c 100644 --- a/service/workspacesthinclient/auth.go +++ b/service/workspacesthinclient/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/workspacesthinclient/endpoints.go b/service/workspacesthinclient/endpoints.go index a96c5898160..adef56710f1 100644 --- a/service/workspacesthinclient/endpoints.go +++ b/service/workspacesthinclient/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/workspacesthinclient/options.go b/service/workspacesthinclient/options.go index 48b7ff835ab..f2692d3d0fe 100644 --- a/service/workspacesthinclient/options.go +++ b/service/workspacesthinclient/options.go @@ -5,6 +5,7 @@ package workspacesthinclient import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/workspacesweb/api_client.go b/service/workspacesweb/api_client.go index 52c076674e2..3afeabc9f8b 100644 --- a/service/workspacesweb/api_client.go +++ b/service/workspacesweb/api_client.go @@ -234,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/workspacesweb/auth.go b/service/workspacesweb/auth.go index df1f2dc8284..818e1846d96 100644 --- a/service/workspacesweb/auth.go +++ b/service/workspacesweb/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/workspacesweb/endpoints.go b/service/workspacesweb/endpoints.go index 15a220d4afd..da0d1e8f896 100644 --- a/service/workspacesweb/endpoints.go +++ b/service/workspacesweb/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/workspacesweb/options.go b/service/workspacesweb/options.go index 453592286e9..32f860eee6f 100644 --- a/service/workspacesweb/options.go +++ b/service/workspacesweb/options.go @@ -5,6 +5,7 @@ package workspacesweb import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/xray/api_client.go b/service/xray/api_client.go index 971c8b7e100..23e041089ca 100644 --- a/service/xray/api_client.go +++ b/service/xray/api_client.go @@ -229,15 +229,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/xray/auth.go b/service/xray/auth.go index 2535c31d707..e316967f9c5 100644 --- a/service/xray/auth.go +++ b/service/xray/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(params, input, options, ctx) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/xray/endpoints.go b/service/xray/endpoints.go index aed3838d535..9f040df47d4 100644 --- a/service/xray/endpoints.go +++ b/service/xray/endpoints.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -439,7 +440,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -468,6 +469,9 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } + if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/xray/options.go b/service/xray/options.go index bcc3ba46c14..e0a565b78e8 100644 --- a/service/xray/options.go +++ b/service/xray/options.go @@ -5,6 +5,7 @@ package xray import ( "context" "github.com/aws/aws-sdk-go-v2/aws" + accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -24,6 +25,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode accountidmode.AIDMode + // The optional application specific identifier appended to the User-Agent header. AppID string From 96c864efc9ad2355014061a05758a1c8faf4ca26 Mon Sep 17 00:00:00 2001 From: Luc Talatinian Date: Wed, 31 Jan 2024 12:18:17 -0500 Subject: [PATCH 05/20] add accountid and associated suppressions to dynamodb endpoint rules --- codegen/sdk-codegen/aws-models/dynamodb.json | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/codegen/sdk-codegen/aws-models/dynamodb.json b/codegen/sdk-codegen/aws-models/dynamodb.json index bfa78eaf3b6..29015a76316 100644 --- a/codegen/sdk-codegen/aws-models/dynamodb.json +++ b/codegen/sdk-codegen/aws-models/dynamodb.json @@ -25,6 +25,14 @@ { "id": "Service", "namespace": "*" + }, + { + "id": "RuleSetAwsBuiltIn.AWS::Auth::AccountId", + "namespace": "*" + }, + { + "id": "RuleSetParameter.TestCase.Unused", + "namespace": "*" } ] }, @@ -3739,6 +3747,12 @@ "smithy.rules#endpointRuleSet": { "version": "1.0", "parameters": { + "AccountId": { + "builtIn": "AWS::Auth::AccountId", + "required": false, + "documentation": "The AWS account ID.", + "type": "String" + }, "Region": { "builtIn": "AWS::Region", "required": false, From b4ad6e111f81fb10b32829737ccec9d05ea3cd2b Mon Sep 17 00:00:00 2001 From: Tianyi Wang Date: Fri, 2 Feb 2024 14:40:40 -0500 Subject: [PATCH 06/20] Modify accountID endpoint builtin --- aws/accountid/account_id.go | 8 +++++--- .../aws/go/codegen/customization/AwsEndpointBuiltins.java | 2 +- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/aws/accountid/account_id.go b/aws/accountid/account_id.go index 3b41ba1d040..a1736007d37 100644 --- a/aws/accountid/account_id.go +++ b/aws/accountid/account_id.go @@ -18,18 +18,20 @@ func AccountID(identity auth.Identity, mode accountidmode.AIDMode) *string { func CheckAccountID(identity auth.Identity, mode accountidmode.AIDMode) error { switch mode { + case "": case accountidmode.Preferred: case accountidmode.Disabled: case accountidmode.Required: if ca, ok := identity.(*smithy.CredentialsAdapter); !ok { - return fmt.Errorf("the identity provider could not be converted to a valid " + - "credentials adapter and provide an accountID, should try to configure a valid credentials provider") + return fmt.Errorf("the accountID is configured to be required, but the " + + "identity provider could not be converted to a valid credentials adapter " + + "and provide an accountID, should try to configure a valid credentials provider") } else if ca.Credentials.AccountID == "" { return fmt.Errorf("the required accountID could not be empty") } // default check in case invalid mode is configured through request config default: - return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled") + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) } return nil diff --git a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/AwsEndpointBuiltins.java b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/AwsEndpointBuiltins.java index 458ed6078c5..ba206657cfd 100644 --- a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/AwsEndpointBuiltins.java +++ b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/AwsEndpointBuiltins.java @@ -47,7 +47,7 @@ public List getClientPlugins() { .addEndpointBuiltinBinding("AWS::S3::UseArnRegion", BindAwsS3UseArnRegion) .addEndpointBuiltinBinding("AWS::S3::DisableMultiRegionAccessPoints", BindAwsS3DisableMultiRegionAccessPoints) .addEndpointBuiltinBinding("AWS::S3Control::UseArnRegion", BindAwsS3UseArnRegion) - .addEndpointBuiltinBinding("AWS::Auth::AccountID", BindAccountID) + .addEndpointBuiltinBinding("AWS::Auth::AccountId", BindAccountID) .build()); } } From 729b66573d38b8f45b3c2d4b7b6dff15048e0bdd Mon Sep 17 00:00:00 2001 From: Tianyi Wang Date: Fri, 2 Feb 2024 15:22:40 -0500 Subject: [PATCH 07/20] Add comment for new exported func and const --- aws/accountid/account_id.go | 3 +++ aws/accountid/mode/mode.go | 2 ++ 2 files changed, 5 insertions(+) diff --git a/aws/accountid/account_id.go b/aws/accountid/account_id.go index a1736007d37..6a695afbebb 100644 --- a/aws/accountid/account_id.go +++ b/aws/accountid/account_id.go @@ -8,6 +8,7 @@ import ( "github.com/aws/smithy-go/auth" ) +// AccountID retrieves the accountID from identity or ignores that depending on accountID endpoint mode func AccountID(identity auth.Identity, mode accountidmode.AIDMode) *string { if ca, ok := identity.(*smithy.CredentialsAdapter); ok && (mode == accountidmode.Preferred || mode == accountidmode.Required) { return aws.String(ca.Credentials.AccountID) @@ -16,6 +17,8 @@ func AccountID(identity auth.Identity, mode accountidmode.AIDMode) *string { return nil } +// CheckAccountID checks accountID mode in case the required accountID misses or +// accountID endpoint mode is configured with invalid value func CheckAccountID(identity auth.Identity, mode accountidmode.AIDMode) error { switch mode { case "": diff --git a/aws/accountid/mode/mode.go b/aws/accountid/mode/mode.go index 8f3ff2d2900..2d931954f1c 100644 --- a/aws/accountid/mode/mode.go +++ b/aws/accountid/mode/mode.go @@ -5,12 +5,14 @@ import "fmt" // AIDMode switches on/off the account ID based endpoint routing type AIDMode string +// enums of valid AIDMode const ( Preferred AIDMode = "preferred" Required AIDMode = "required" Disabled AIDMode = "disabled" ) +// SetFromString converts config string to corresponding AIDMode or reports error if the value is not enumerated func (mode *AIDMode) SetFromString(s string) error { switch { case s == "preferred": From 65e74dae3884987880f8ef1ca637ca406c50f6a4 Mon Sep 17 00:00:00 2001 From: Luc Talatinian Date: Mon, 5 Feb 2024 12:07:02 -0500 Subject: [PATCH 08/20] undo most generated code to shrink diff --- .../protocoltest/awsrestjson/api_client.go | 1 - internal/protocoltest/awsrestjson/auth.go | 4 ++-- internal/protocoltest/awsrestjson/options.go | 4 ---- internal/protocoltest/ec2query/api_client.go | 1 - internal/protocoltest/ec2query/auth.go | 4 ++-- internal/protocoltest/ec2query/options.go | 4 ---- internal/protocoltest/jsonrpc/api_client.go | 1 - internal/protocoltest/jsonrpc/auth.go | 8 ++++---- internal/protocoltest/jsonrpc/options.go | 4 ---- internal/protocoltest/jsonrpc10/api_client.go | 1 - internal/protocoltest/jsonrpc10/auth.go | 4 ++-- internal/protocoltest/jsonrpc10/options.go | 4 ---- internal/protocoltest/query/api_client.go | 1 - internal/protocoltest/query/auth.go | 4 ++-- internal/protocoltest/query/options.go | 4 ---- internal/protocoltest/restxml/api_client.go | 1 - internal/protocoltest/restxml/auth.go | 4 ++-- internal/protocoltest/restxml/options.go | 4 ---- .../restxmlwithnamespace/api_client.go | 17 ++++++++--------- .../protocoltest/restxmlwithnamespace/auth.go | 4 ++-- .../restxmlwithnamespace/options.go | 4 ---- service/accessanalyzer/api_client.go | 19 +++++++++---------- service/accessanalyzer/auth.go | 8 ++++---- service/accessanalyzer/endpoints.go | 8 ++------ service/accessanalyzer/options.go | 4 ---- service/account/api_client.go | 19 +++++++++---------- service/account/auth.go | 8 ++++---- service/account/endpoints.go | 8 ++------ service/account/options.go | 4 ---- service/acm/api_client.go | 19 +++++++++---------- service/acm/auth.go | 8 ++++---- service/acm/endpoints.go | 8 ++------ service/acm/options.go | 4 ---- service/acmpca/api_client.go | 19 +++++++++---------- service/acmpca/auth.go | 8 ++++---- service/acmpca/endpoints.go | 8 ++------ service/acmpca/options.go | 4 ---- service/alexaforbusiness/api_client.go | 19 +++++++++---------- service/alexaforbusiness/auth.go | 8 ++++---- service/alexaforbusiness/endpoints.go | 8 ++------ service/alexaforbusiness/options.go | 4 ---- service/amp/api_client.go | 19 +++++++++---------- service/amp/auth.go | 8 ++++---- service/amp/endpoints.go | 8 ++------ service/amp/options.go | 4 ---- service/amplify/api_client.go | 19 +++++++++---------- service/amplify/auth.go | 8 ++++---- service/amplify/endpoints.go | 8 ++------ service/amplify/options.go | 4 ---- service/amplifybackend/api_client.go | 19 +++++++++---------- service/amplifybackend/auth.go | 8 ++++---- service/amplifybackend/endpoints.go | 8 ++------ service/amplifybackend/options.go | 4 ---- service/amplifyuibuilder/api_client.go | 19 +++++++++---------- service/amplifyuibuilder/auth.go | 8 ++++---- service/amplifyuibuilder/endpoints.go | 8 ++------ service/amplifyuibuilder/options.go | 4 ---- service/apigateway/api_client.go | 19 +++++++++---------- service/apigateway/auth.go | 8 ++++---- service/apigateway/endpoints.go | 8 ++------ service/apigateway/options.go | 4 ---- service/apigatewaymanagementapi/api_client.go | 19 +++++++++---------- service/apigatewaymanagementapi/auth.go | 8 ++++---- service/apigatewaymanagementapi/endpoints.go | 8 ++------ service/apigatewaymanagementapi/options.go | 4 ---- service/apigatewayv2/api_client.go | 19 +++++++++---------- service/apigatewayv2/auth.go | 8 ++++---- service/apigatewayv2/endpoints.go | 8 ++------ service/apigatewayv2/options.go | 4 ---- service/appconfig/api_client.go | 19 +++++++++---------- service/appconfig/auth.go | 8 ++++---- service/appconfig/endpoints.go | 8 ++------ service/appconfig/options.go | 4 ---- service/appconfigdata/api_client.go | 19 +++++++++---------- service/appconfigdata/auth.go | 8 ++++---- service/appconfigdata/endpoints.go | 8 ++------ service/appconfigdata/options.go | 4 ---- service/appfabric/api_client.go | 19 +++++++++---------- service/appfabric/auth.go | 8 ++++---- service/appfabric/endpoints.go | 8 ++------ service/appfabric/options.go | 4 ---- service/appflow/api_client.go | 19 +++++++++---------- service/appflow/auth.go | 8 ++++---- service/appflow/endpoints.go | 8 ++------ service/appflow/options.go | 4 ---- service/appintegrations/api_client.go | 19 +++++++++---------- service/appintegrations/auth.go | 8 ++++---- service/appintegrations/endpoints.go | 8 ++------ service/appintegrations/options.go | 4 ---- service/applicationautoscaling/api_client.go | 19 +++++++++---------- service/applicationautoscaling/auth.go | 8 ++++---- service/applicationautoscaling/endpoints.go | 8 ++------ service/applicationautoscaling/options.go | 4 ---- service/applicationcostprofiler/api_client.go | 19 +++++++++---------- service/applicationcostprofiler/auth.go | 8 ++++---- service/applicationcostprofiler/endpoints.go | 8 ++------ service/applicationcostprofiler/options.go | 4 ---- .../applicationdiscoveryservice/api_client.go | 19 +++++++++---------- service/applicationdiscoveryservice/auth.go | 8 ++++---- .../applicationdiscoveryservice/endpoints.go | 8 ++------ .../applicationdiscoveryservice/options.go | 4 ---- service/applicationinsights/api_client.go | 19 +++++++++---------- service/applicationinsights/auth.go | 8 ++++---- service/applicationinsights/endpoints.go | 8 ++------ service/applicationinsights/options.go | 4 ---- service/appmesh/api_client.go | 19 +++++++++---------- service/appmesh/auth.go | 8 ++++---- service/appmesh/endpoints.go | 8 ++------ service/appmesh/options.go | 4 ---- service/apprunner/api_client.go | 19 +++++++++---------- service/apprunner/auth.go | 8 ++++---- service/apprunner/endpoints.go | 8 ++------ service/apprunner/options.go | 4 ---- service/appstream/api_client.go | 19 +++++++++---------- service/appstream/auth.go | 8 ++++---- service/appstream/endpoints.go | 8 ++------ service/appstream/options.go | 4 ---- service/appsync/api_client.go | 19 +++++++++---------- service/appsync/auth.go | 8 ++++---- service/appsync/endpoints.go | 8 ++------ service/appsync/options.go | 4 ---- service/arczonalshift/api_client.go | 19 +++++++++---------- service/arczonalshift/auth.go | 8 ++++---- service/arczonalshift/endpoints.go | 8 ++------ service/arczonalshift/options.go | 4 ---- service/athena/api_client.go | 19 +++++++++---------- service/athena/auth.go | 8 ++++---- service/athena/endpoints.go | 8 ++------ service/athena/options.go | 4 ---- service/auditmanager/api_client.go | 19 +++++++++---------- service/auditmanager/auth.go | 8 ++++---- service/auditmanager/endpoints.go | 8 ++------ service/auditmanager/options.go | 4 ---- service/autoscaling/api_client.go | 19 +++++++++---------- service/autoscaling/auth.go | 8 ++++---- service/autoscaling/endpoints.go | 8 ++------ service/autoscaling/options.go | 4 ---- service/autoscalingplans/api_client.go | 19 +++++++++---------- service/autoscalingplans/auth.go | 8 ++++---- service/autoscalingplans/endpoints.go | 8 ++------ service/autoscalingplans/options.go | 4 ---- service/b2bi/api_client.go | 19 +++++++++---------- service/b2bi/auth.go | 8 ++++---- service/b2bi/endpoints.go | 8 ++------ service/b2bi/options.go | 4 ---- service/backup/api_client.go | 19 +++++++++---------- service/backup/auth.go | 8 ++++---- service/backup/endpoints.go | 8 ++------ service/backup/options.go | 4 ---- service/backupgateway/api_client.go | 19 +++++++++---------- service/backupgateway/auth.go | 8 ++++---- service/backupgateway/endpoints.go | 8 ++------ service/backupgateway/options.go | 4 ---- service/backupstorage/api_client.go | 19 +++++++++---------- service/backupstorage/auth.go | 8 ++++---- service/backupstorage/endpoints.go | 8 ++------ service/backupstorage/options.go | 4 ---- service/batch/api_client.go | 19 +++++++++---------- service/batch/auth.go | 8 ++++---- service/batch/endpoints.go | 8 ++------ service/batch/options.go | 4 ---- service/bcmdataexports/api_client.go | 19 +++++++++---------- service/bcmdataexports/auth.go | 8 ++++---- service/bcmdataexports/endpoints.go | 8 ++------ service/bcmdataexports/options.go | 4 ---- service/bedrock/api_client.go | 19 +++++++++---------- service/bedrock/auth.go | 8 ++++---- service/bedrock/endpoints.go | 8 ++------ service/bedrock/options.go | 4 ---- service/bedrockagent/api_client.go | 19 +++++++++---------- service/bedrockagent/auth.go | 8 ++++---- service/bedrockagent/endpoints.go | 8 ++------ service/bedrockagent/options.go | 4 ---- service/bedrockagentruntime/api_client.go | 19 +++++++++---------- service/bedrockagentruntime/auth.go | 8 ++++---- service/bedrockagentruntime/endpoints.go | 8 ++------ service/bedrockagentruntime/options.go | 4 ---- service/bedrockruntime/api_client.go | 19 +++++++++---------- service/bedrockruntime/auth.go | 8 ++++---- service/bedrockruntime/endpoints.go | 8 ++------ service/bedrockruntime/options.go | 4 ---- service/billingconductor/api_client.go | 19 +++++++++---------- service/billingconductor/auth.go | 8 ++++---- service/billingconductor/endpoints.go | 8 ++------ service/billingconductor/options.go | 4 ---- service/braket/api_client.go | 19 +++++++++---------- service/braket/auth.go | 8 ++++---- service/braket/endpoints.go | 8 ++------ service/braket/options.go | 4 ---- service/budgets/api_client.go | 19 +++++++++---------- service/budgets/auth.go | 8 ++++---- service/budgets/endpoints.go | 8 ++------ service/budgets/options.go | 4 ---- service/chime/api_client.go | 19 +++++++++---------- service/chime/auth.go | 8 ++++---- service/chime/endpoints.go | 8 ++------ service/chime/options.go | 4 ---- service/chimesdkidentity/api_client.go | 19 +++++++++---------- service/chimesdkidentity/auth.go | 8 ++++---- service/chimesdkidentity/endpoints.go | 8 ++------ service/chimesdkidentity/options.go | 4 ---- service/chimesdkmediapipelines/api_client.go | 19 +++++++++---------- service/chimesdkmediapipelines/auth.go | 8 ++++---- service/chimesdkmediapipelines/endpoints.go | 8 ++------ service/chimesdkmediapipelines/options.go | 4 ---- service/chimesdkmeetings/api_client.go | 19 +++++++++---------- service/chimesdkmeetings/auth.go | 8 ++++---- service/chimesdkmeetings/endpoints.go | 8 ++------ service/chimesdkmeetings/options.go | 4 ---- service/chimesdkmessaging/api_client.go | 19 +++++++++---------- service/chimesdkmessaging/auth.go | 8 ++++---- service/chimesdkmessaging/endpoints.go | 8 ++------ service/chimesdkmessaging/options.go | 4 ---- service/chimesdkvoice/api_client.go | 19 +++++++++---------- service/chimesdkvoice/auth.go | 8 ++++---- service/chimesdkvoice/endpoints.go | 8 ++------ service/chimesdkvoice/options.go | 4 ---- service/cleanrooms/api_client.go | 19 +++++++++---------- service/cleanrooms/auth.go | 8 ++++---- service/cleanrooms/endpoints.go | 8 ++------ service/cleanrooms/options.go | 4 ---- service/cleanroomsml/api_client.go | 19 +++++++++---------- service/cleanroomsml/auth.go | 8 ++++---- service/cleanroomsml/endpoints.go | 8 ++------ service/cleanroomsml/options.go | 4 ---- service/cloud9/api_client.go | 19 +++++++++---------- service/cloud9/auth.go | 8 ++++---- service/cloud9/endpoints.go | 8 ++------ service/cloud9/options.go | 4 ---- service/cloudcontrol/api_client.go | 19 +++++++++---------- service/cloudcontrol/auth.go | 8 ++++---- service/cloudcontrol/endpoints.go | 8 ++------ service/cloudcontrol/options.go | 4 ---- service/clouddirectory/api_client.go | 19 +++++++++---------- service/clouddirectory/auth.go | 8 ++++---- service/clouddirectory/endpoints.go | 8 ++------ service/clouddirectory/options.go | 4 ---- service/cloudformation/api_client.go | 19 +++++++++---------- service/cloudformation/auth.go | 8 ++++---- service/cloudformation/endpoints.go | 8 ++------ service/cloudformation/options.go | 4 ---- service/cloudfront/api_client.go | 19 +++++++++---------- service/cloudfront/auth.go | 8 ++++---- service/cloudfront/endpoints.go | 8 ++------ service/cloudfront/options.go | 4 ---- service/cloudfrontkeyvaluestore/api_client.go | 19 +++++++++---------- service/cloudfrontkeyvaluestore/auth.go | 8 ++++---- service/cloudfrontkeyvaluestore/endpoints.go | 8 ++------ service/cloudfrontkeyvaluestore/options.go | 4 ---- service/cloudhsm/api_client.go | 19 +++++++++---------- service/cloudhsm/auth.go | 8 ++++---- service/cloudhsm/endpoints.go | 8 ++------ service/cloudhsm/options.go | 4 ---- service/cloudhsmv2/api_client.go | 19 +++++++++---------- service/cloudhsmv2/auth.go | 8 ++++---- service/cloudhsmv2/endpoints.go | 8 ++------ service/cloudhsmv2/options.go | 4 ---- service/cloudsearch/api_client.go | 19 +++++++++---------- service/cloudsearch/auth.go | 8 ++++---- service/cloudsearch/endpoints.go | 8 ++------ service/cloudsearch/options.go | 4 ---- service/cloudsearchdomain/api_client.go | 19 +++++++++---------- service/cloudsearchdomain/auth.go | 8 ++++---- service/cloudsearchdomain/endpoints.go | 8 ++------ service/cloudsearchdomain/options.go | 4 ---- service/cloudtrail/api_client.go | 19 +++++++++---------- service/cloudtrail/auth.go | 8 ++++---- service/cloudtrail/endpoints.go | 8 ++------ service/cloudtrail/options.go | 4 ---- service/cloudtraildata/api_client.go | 19 +++++++++---------- service/cloudtraildata/auth.go | 8 ++++---- service/cloudtraildata/endpoints.go | 8 ++------ service/cloudtraildata/options.go | 4 ---- service/cloudwatch/api_client.go | 19 +++++++++---------- service/cloudwatch/auth.go | 8 ++++---- service/cloudwatch/endpoints.go | 8 ++------ service/cloudwatch/options.go | 4 ---- service/cloudwatchevents/api_client.go | 19 +++++++++---------- service/cloudwatchevents/auth.go | 8 ++++---- service/cloudwatchevents/endpoints.go | 8 ++------ service/cloudwatchevents/options.go | 4 ---- service/cloudwatchlogs/api_client.go | 19 +++++++++---------- service/cloudwatchlogs/auth.go | 8 ++++---- service/cloudwatchlogs/endpoints.go | 8 ++------ service/cloudwatchlogs/options.go | 4 ---- service/codeartifact/api_client.go | 19 +++++++++---------- service/codeartifact/auth.go | 8 ++++---- service/codeartifact/endpoints.go | 8 ++------ service/codeartifact/options.go | 4 ---- service/codebuild/api_client.go | 19 +++++++++---------- service/codebuild/auth.go | 8 ++++---- service/codebuild/endpoints.go | 8 ++------ service/codebuild/options.go | 4 ---- service/codecatalyst/api_client.go | 1 - service/codecatalyst/auth.go | 4 ++-- service/codecatalyst/endpoints.go | 8 ++------ service/codecatalyst/options.go | 4 ---- service/codecommit/api_client.go | 19 +++++++++---------- service/codecommit/auth.go | 8 ++++---- service/codecommit/endpoints.go | 8 ++------ service/codecommit/options.go | 4 ---- service/codedeploy/api_client.go | 19 +++++++++---------- service/codedeploy/auth.go | 8 ++++---- service/codedeploy/endpoints.go | 8 ++------ service/codedeploy/options.go | 4 ---- service/codeguruprofiler/api_client.go | 19 +++++++++---------- service/codeguruprofiler/auth.go | 8 ++++---- service/codeguruprofiler/endpoints.go | 8 ++------ service/codeguruprofiler/options.go | 4 ---- service/codegurureviewer/api_client.go | 19 +++++++++---------- service/codegurureviewer/auth.go | 8 ++++---- service/codegurureviewer/endpoints.go | 8 ++------ service/codegurureviewer/options.go | 4 ---- service/codegurusecurity/api_client.go | 19 +++++++++---------- service/codegurusecurity/auth.go | 8 ++++---- service/codegurusecurity/endpoints.go | 8 ++------ service/codegurusecurity/options.go | 4 ---- service/codepipeline/api_client.go | 19 +++++++++---------- service/codepipeline/auth.go | 8 ++++---- service/codepipeline/endpoints.go | 8 ++------ service/codepipeline/options.go | 4 ---- service/codestar/api_client.go | 19 +++++++++---------- service/codestar/auth.go | 8 ++++---- service/codestar/endpoints.go | 8 ++------ service/codestar/options.go | 4 ---- service/codestarconnections/api_client.go | 19 +++++++++---------- service/codestarconnections/auth.go | 8 ++++---- service/codestarconnections/endpoints.go | 8 ++------ service/codestarconnections/options.go | 4 ---- service/codestarnotifications/api_client.go | 19 +++++++++---------- service/codestarnotifications/auth.go | 8 ++++---- service/codestarnotifications/endpoints.go | 8 ++------ service/codestarnotifications/options.go | 4 ---- service/cognitoidentity/api_client.go | 19 +++++++++---------- service/cognitoidentity/auth.go | 8 ++++---- service/cognitoidentity/endpoints.go | 8 ++------ service/cognitoidentity/options.go | 4 ---- service/cognitoidentityprovider/api_client.go | 19 +++++++++---------- service/cognitoidentityprovider/auth.go | 8 ++++---- service/cognitoidentityprovider/endpoints.go | 8 ++------ service/cognitoidentityprovider/options.go | 4 ---- service/cognitosync/api_client.go | 19 +++++++++---------- service/cognitosync/auth.go | 8 ++++---- service/cognitosync/endpoints.go | 8 ++------ service/cognitosync/options.go | 4 ---- service/comprehend/api_client.go | 19 +++++++++---------- service/comprehend/auth.go | 8 ++++---- service/comprehend/endpoints.go | 8 ++------ service/comprehend/options.go | 4 ---- service/comprehendmedical/api_client.go | 19 +++++++++---------- service/comprehendmedical/auth.go | 8 ++++---- service/comprehendmedical/endpoints.go | 8 ++------ service/comprehendmedical/options.go | 4 ---- service/computeoptimizer/api_client.go | 19 +++++++++---------- service/computeoptimizer/auth.go | 8 ++++---- service/computeoptimizer/endpoints.go | 8 ++------ service/computeoptimizer/options.go | 4 ---- service/configservice/api_client.go | 19 +++++++++---------- service/configservice/auth.go | 8 ++++---- service/configservice/endpoints.go | 8 ++------ service/configservice/options.go | 4 ---- service/connect/api_client.go | 19 +++++++++---------- service/connect/auth.go | 8 ++++---- service/connect/endpoints.go | 8 ++------ service/connect/options.go | 4 ---- service/connectcampaigns/api_client.go | 19 +++++++++---------- service/connectcampaigns/auth.go | 8 ++++---- service/connectcampaigns/endpoints.go | 8 ++------ service/connectcampaigns/options.go | 4 ---- service/connectcases/api_client.go | 19 +++++++++---------- service/connectcases/auth.go | 8 ++++---- service/connectcases/endpoints.go | 8 ++------ service/connectcases/options.go | 4 ---- service/connectcontactlens/api_client.go | 19 +++++++++---------- service/connectcontactlens/auth.go | 8 ++++---- service/connectcontactlens/endpoints.go | 8 ++------ service/connectcontactlens/options.go | 4 ---- service/connectparticipant/api_client.go | 19 +++++++++---------- service/connectparticipant/auth.go | 8 ++++---- service/connectparticipant/endpoints.go | 8 ++------ service/connectparticipant/options.go | 4 ---- service/controltower/api_client.go | 19 +++++++++---------- service/controltower/auth.go | 8 ++++---- service/controltower/endpoints.go | 8 ++------ service/controltower/options.go | 4 ---- .../costandusagereportservice/api_client.go | 19 +++++++++---------- service/costandusagereportservice/auth.go | 8 ++++---- .../costandusagereportservice/endpoints.go | 8 ++------ service/costandusagereportservice/options.go | 4 ---- service/costexplorer/api_client.go | 19 +++++++++---------- service/costexplorer/auth.go | 8 ++++---- service/costexplorer/endpoints.go | 8 ++------ service/costexplorer/options.go | 4 ---- service/costoptimizationhub/api_client.go | 19 +++++++++---------- service/costoptimizationhub/auth.go | 8 ++++---- service/costoptimizationhub/endpoints.go | 8 ++------ service/costoptimizationhub/options.go | 4 ---- service/customerprofiles/api_client.go | 19 +++++++++---------- service/customerprofiles/auth.go | 8 ++++---- service/customerprofiles/endpoints.go | 8 ++------ service/customerprofiles/options.go | 4 ---- .../databasemigrationservice/api_client.go | 19 +++++++++---------- service/databasemigrationservice/auth.go | 8 ++++---- service/databasemigrationservice/endpoints.go | 8 ++------ service/databasemigrationservice/options.go | 4 ---- service/databrew/api_client.go | 19 +++++++++---------- service/databrew/auth.go | 8 ++++---- service/databrew/endpoints.go | 8 ++------ service/databrew/options.go | 4 ---- service/dataexchange/api_client.go | 19 +++++++++---------- service/dataexchange/auth.go | 8 ++++---- service/dataexchange/endpoints.go | 8 ++------ service/dataexchange/options.go | 4 ---- service/datapipeline/api_client.go | 19 +++++++++---------- service/datapipeline/auth.go | 8 ++++---- service/datapipeline/endpoints.go | 8 ++------ service/datapipeline/options.go | 4 ---- service/datasync/api_client.go | 19 +++++++++---------- service/datasync/auth.go | 8 ++++---- service/datasync/endpoints.go | 8 ++------ service/datasync/options.go | 4 ---- service/datazone/api_client.go | 19 +++++++++---------- service/datazone/auth.go | 8 ++++---- service/datazone/endpoints.go | 8 ++------ service/datazone/options.go | 4 ---- service/dax/api_client.go | 19 +++++++++---------- service/dax/auth.go | 8 ++++---- service/dax/endpoints.go | 8 ++------ service/dax/options.go | 4 ---- service/detective/api_client.go | 19 +++++++++---------- service/detective/auth.go | 8 ++++---- service/detective/endpoints.go | 8 ++------ service/detective/options.go | 4 ---- service/devicefarm/api_client.go | 19 +++++++++---------- service/devicefarm/auth.go | 8 ++++---- service/devicefarm/endpoints.go | 8 ++------ service/devicefarm/options.go | 4 ---- service/devopsguru/api_client.go | 19 +++++++++---------- service/devopsguru/auth.go | 8 ++++---- service/devopsguru/endpoints.go | 8 ++------ service/devopsguru/options.go | 4 ---- service/directconnect/api_client.go | 19 +++++++++---------- service/directconnect/auth.go | 8 ++++---- service/directconnect/endpoints.go | 8 ++------ service/directconnect/options.go | 4 ---- service/directoryservice/api_client.go | 19 +++++++++---------- service/directoryservice/auth.go | 8 ++++---- service/directoryservice/endpoints.go | 8 ++------ service/directoryservice/options.go | 4 ---- service/dlm/api_client.go | 19 +++++++++---------- service/dlm/auth.go | 8 ++++---- service/dlm/endpoints.go | 8 ++------ service/dlm/options.go | 4 ---- service/docdb/api_client.go | 19 +++++++++---------- service/docdb/auth.go | 8 ++++---- service/docdb/endpoints.go | 8 ++------ service/docdb/options.go | 4 ---- service/docdbelastic/api_client.go | 19 +++++++++---------- service/docdbelastic/auth.go | 8 ++++---- service/docdbelastic/endpoints.go | 8 ++------ service/docdbelastic/options.go | 4 ---- service/drs/api_client.go | 19 +++++++++---------- service/drs/auth.go | 8 ++++---- service/drs/endpoints.go | 8 ++------ service/drs/options.go | 4 ---- service/dynamodbstreams/api_client.go | 19 +++++++++---------- service/dynamodbstreams/auth.go | 8 ++++---- service/dynamodbstreams/endpoints.go | 8 ++------ service/dynamodbstreams/options.go | 4 ---- service/ebs/api_client.go | 19 +++++++++---------- service/ebs/auth.go | 8 ++++---- service/ebs/endpoints.go | 8 ++------ service/ebs/options.go | 4 ---- service/ec2/api_client.go | 19 +++++++++---------- service/ec2/auth.go | 8 ++++---- service/ec2/endpoints.go | 8 ++------ service/ec2/options.go | 4 ---- service/ec2instanceconnect/api_client.go | 19 +++++++++---------- service/ec2instanceconnect/auth.go | 8 ++++---- service/ec2instanceconnect/endpoints.go | 8 ++------ service/ec2instanceconnect/options.go | 4 ---- service/ecr/api_client.go | 19 +++++++++---------- service/ecr/auth.go | 8 ++++---- service/ecr/endpoints.go | 8 ++------ service/ecr/options.go | 4 ---- service/ecrpublic/api_client.go | 19 +++++++++---------- service/ecrpublic/auth.go | 8 ++++---- service/ecrpublic/endpoints.go | 8 ++------ service/ecrpublic/options.go | 4 ---- service/ecs/api_client.go | 19 +++++++++---------- service/ecs/auth.go | 8 ++++---- service/ecs/endpoints.go | 8 ++------ service/ecs/options.go | 4 ---- service/efs/api_client.go | 19 +++++++++---------- service/efs/auth.go | 8 ++++---- service/efs/endpoints.go | 8 ++------ service/efs/options.go | 4 ---- service/eks/api_client.go | 19 +++++++++---------- service/eks/auth.go | 8 ++++---- service/eks/endpoints.go | 8 ++------ service/eks/options.go | 4 ---- service/eksauth/api_client.go | 19 +++++++++---------- service/eksauth/auth.go | 8 ++++---- service/eksauth/endpoints.go | 8 ++------ service/eksauth/options.go | 4 ---- service/elasticache/api_client.go | 19 +++++++++---------- service/elasticache/auth.go | 8 ++++---- service/elasticache/endpoints.go | 8 ++------ service/elasticache/options.go | 4 ---- service/elasticbeanstalk/api_client.go | 19 +++++++++---------- service/elasticbeanstalk/auth.go | 8 ++++---- service/elasticbeanstalk/endpoints.go | 8 ++------ service/elasticbeanstalk/options.go | 4 ---- service/elasticinference/api_client.go | 19 +++++++++---------- service/elasticinference/auth.go | 8 ++++---- service/elasticinference/endpoints.go | 8 ++------ service/elasticinference/options.go | 4 ---- service/elasticloadbalancing/api_client.go | 19 +++++++++---------- service/elasticloadbalancing/auth.go | 8 ++++---- service/elasticloadbalancing/endpoints.go | 8 ++------ service/elasticloadbalancing/options.go | 4 ---- service/elasticloadbalancingv2/api_client.go | 19 +++++++++---------- service/elasticloadbalancingv2/auth.go | 8 ++++---- service/elasticloadbalancingv2/endpoints.go | 8 ++------ service/elasticloadbalancingv2/options.go | 4 ---- service/elasticsearchservice/api_client.go | 19 +++++++++---------- service/elasticsearchservice/auth.go | 8 ++++---- service/elasticsearchservice/endpoints.go | 8 ++------ service/elasticsearchservice/options.go | 4 ---- service/elastictranscoder/api_client.go | 19 +++++++++---------- service/elastictranscoder/auth.go | 8 ++++---- service/elastictranscoder/endpoints.go | 8 ++------ service/elastictranscoder/options.go | 4 ---- service/emr/api_client.go | 19 +++++++++---------- service/emr/auth.go | 8 ++++---- service/emr/endpoints.go | 8 ++------ service/emr/options.go | 4 ---- service/emrcontainers/api_client.go | 19 +++++++++---------- service/emrcontainers/auth.go | 8 ++++---- service/emrcontainers/endpoints.go | 8 ++------ service/emrcontainers/options.go | 4 ---- service/emrserverless/api_client.go | 19 +++++++++---------- service/emrserverless/auth.go | 8 ++++---- service/emrserverless/endpoints.go | 8 ++------ service/emrserverless/options.go | 4 ---- service/entityresolution/api_client.go | 19 +++++++++---------- service/entityresolution/auth.go | 8 ++++---- service/entityresolution/endpoints.go | 8 ++------ service/entityresolution/options.go | 4 ---- service/eventbridge/api_client.go | 19 +++++++++---------- service/eventbridge/auth.go | 14 +++++++------- service/eventbridge/endpoints.go | 8 ++------ service/eventbridge/options.go | 4 ---- service/evidently/api_client.go | 19 +++++++++---------- service/evidently/auth.go | 8 ++++---- service/evidently/endpoints.go | 8 ++------ service/evidently/options.go | 4 ---- service/finspace/api_client.go | 19 +++++++++---------- service/finspace/auth.go | 8 ++++---- service/finspace/endpoints.go | 8 ++------ service/finspace/options.go | 4 ---- service/finspacedata/api_client.go | 19 +++++++++---------- service/finspacedata/auth.go | 8 ++++---- service/finspacedata/endpoints.go | 8 ++------ service/finspacedata/options.go | 4 ---- service/firehose/api_client.go | 19 +++++++++---------- service/firehose/auth.go | 8 ++++---- service/firehose/endpoints.go | 8 ++------ service/firehose/options.go | 4 ---- service/fis/api_client.go | 19 +++++++++---------- service/fis/auth.go | 8 ++++---- service/fis/endpoints.go | 8 ++------ service/fis/options.go | 4 ---- service/fms/api_client.go | 19 +++++++++---------- service/fms/auth.go | 8 ++++---- service/fms/endpoints.go | 8 ++------ service/fms/options.go | 4 ---- service/forecast/api_client.go | 19 +++++++++---------- service/forecast/auth.go | 8 ++++---- service/forecast/endpoints.go | 8 ++------ service/forecast/options.go | 4 ---- service/forecastquery/api_client.go | 19 +++++++++---------- service/forecastquery/auth.go | 8 ++++---- service/forecastquery/endpoints.go | 8 ++------ service/forecastquery/options.go | 4 ---- service/frauddetector/api_client.go | 19 +++++++++---------- service/frauddetector/auth.go | 8 ++++---- service/frauddetector/endpoints.go | 8 ++------ service/frauddetector/options.go | 4 ---- service/freetier/api_client.go | 19 +++++++++---------- service/freetier/auth.go | 8 ++++---- service/freetier/endpoints.go | 8 ++------ service/freetier/options.go | 4 ---- service/fsx/api_client.go | 19 +++++++++---------- service/fsx/auth.go | 8 ++++---- service/fsx/endpoints.go | 8 ++------ service/fsx/options.go | 4 ---- service/gamelift/api_client.go | 19 +++++++++---------- service/gamelift/auth.go | 8 ++++---- service/gamelift/endpoints.go | 8 ++------ service/gamelift/options.go | 4 ---- service/glacier/api_client.go | 19 +++++++++---------- service/glacier/auth.go | 8 ++++---- service/glacier/endpoints.go | 8 ++------ service/glacier/options.go | 4 ---- service/globalaccelerator/api_client.go | 19 +++++++++---------- service/globalaccelerator/auth.go | 8 ++++---- service/globalaccelerator/endpoints.go | 8 ++------ service/globalaccelerator/options.go | 4 ---- service/glue/api_client.go | 19 +++++++++---------- service/glue/auth.go | 8 ++++---- service/glue/endpoints.go | 8 ++------ service/glue/options.go | 4 ---- service/grafana/api_client.go | 19 +++++++++---------- service/grafana/auth.go | 8 ++++---- service/grafana/endpoints.go | 8 ++------ service/grafana/options.go | 4 ---- service/greengrass/api_client.go | 19 +++++++++---------- service/greengrass/auth.go | 8 ++++---- service/greengrass/endpoints.go | 8 ++------ service/greengrass/options.go | 4 ---- service/greengrassv2/api_client.go | 19 +++++++++---------- service/greengrassv2/auth.go | 8 ++++---- service/greengrassv2/endpoints.go | 8 ++------ service/greengrassv2/options.go | 4 ---- service/groundstation/api_client.go | 19 +++++++++---------- service/groundstation/auth.go | 8 ++++---- service/groundstation/endpoints.go | 8 ++------ service/groundstation/options.go | 4 ---- service/guardduty/api_client.go | 19 +++++++++---------- service/guardduty/auth.go | 8 ++++---- service/guardduty/endpoints.go | 8 ++------ service/guardduty/options.go | 4 ---- service/health/api_client.go | 19 +++++++++---------- service/health/auth.go | 8 ++++---- service/health/endpoints.go | 8 ++------ service/health/options.go | 4 ---- service/healthlake/api_client.go | 19 +++++++++---------- service/healthlake/auth.go | 8 ++++---- service/healthlake/endpoints.go | 8 ++------ service/healthlake/options.go | 4 ---- service/honeycode/api_client.go | 19 +++++++++---------- service/honeycode/auth.go | 8 ++++---- service/honeycode/endpoints.go | 8 ++------ service/honeycode/options.go | 4 ---- service/iam/api_client.go | 19 +++++++++---------- service/iam/auth.go | 8 ++++---- service/iam/endpoints.go | 8 ++------ service/iam/options.go | 4 ---- service/identitystore/api_client.go | 19 +++++++++---------- service/identitystore/auth.go | 8 ++++---- service/identitystore/endpoints.go | 8 ++------ service/identitystore/options.go | 4 ---- service/imagebuilder/api_client.go | 19 +++++++++---------- service/imagebuilder/auth.go | 8 ++++---- service/imagebuilder/endpoints.go | 8 ++------ service/imagebuilder/options.go | 4 ---- service/inspector/api_client.go | 19 +++++++++---------- service/inspector/auth.go | 8 ++++---- service/inspector/endpoints.go | 8 ++------ service/inspector/options.go | 4 ---- service/inspector2/api_client.go | 19 +++++++++---------- service/inspector2/auth.go | 8 ++++---- service/inspector2/endpoints.go | 8 ++------ service/inspector2/options.go | 4 ---- service/inspectorscan/api_client.go | 19 +++++++++---------- service/inspectorscan/auth.go | 8 ++++---- service/inspectorscan/endpoints.go | 8 ++------ service/inspectorscan/options.go | 4 ---- service/internetmonitor/api_client.go | 19 +++++++++---------- service/internetmonitor/auth.go | 8 ++++---- service/internetmonitor/endpoints.go | 8 ++------ service/internetmonitor/options.go | 4 ---- service/iot/api_client.go | 19 +++++++++---------- service/iot/auth.go | 8 ++++---- service/iot/endpoints.go | 8 ++------ service/iot/options.go | 4 ---- service/iot1clickdevicesservice/api_client.go | 19 +++++++++---------- service/iot1clickdevicesservice/auth.go | 8 ++++---- service/iot1clickdevicesservice/endpoints.go | 8 ++------ service/iot1clickdevicesservice/options.go | 4 ---- service/iot1clickprojects/api_client.go | 19 +++++++++---------- service/iot1clickprojects/auth.go | 8 ++++---- service/iot1clickprojects/endpoints.go | 8 ++------ service/iot1clickprojects/options.go | 4 ---- service/iotanalytics/api_client.go | 19 +++++++++---------- service/iotanalytics/auth.go | 8 ++++---- service/iotanalytics/endpoints.go | 8 ++------ service/iotanalytics/options.go | 4 ---- service/iotdataplane/api_client.go | 19 +++++++++---------- service/iotdataplane/auth.go | 8 ++++---- service/iotdataplane/endpoints.go | 8 ++------ service/iotdataplane/options.go | 4 ---- service/iotdeviceadvisor/api_client.go | 19 +++++++++---------- service/iotdeviceadvisor/auth.go | 8 ++++---- service/iotdeviceadvisor/endpoints.go | 8 ++------ service/iotdeviceadvisor/options.go | 4 ---- service/iotevents/api_client.go | 19 +++++++++---------- service/iotevents/auth.go | 8 ++++---- service/iotevents/endpoints.go | 8 ++------ service/iotevents/options.go | 4 ---- service/ioteventsdata/api_client.go | 19 +++++++++---------- service/ioteventsdata/auth.go | 8 ++++---- service/ioteventsdata/endpoints.go | 8 ++------ service/ioteventsdata/options.go | 4 ---- service/iotfleethub/api_client.go | 19 +++++++++---------- service/iotfleethub/auth.go | 8 ++++---- service/iotfleethub/endpoints.go | 8 ++------ service/iotfleethub/options.go | 4 ---- service/iotfleetwise/api_client.go | 19 +++++++++---------- service/iotfleetwise/auth.go | 8 ++++---- service/iotfleetwise/endpoints.go | 8 ++------ service/iotfleetwise/options.go | 4 ---- service/iotjobsdataplane/api_client.go | 19 +++++++++---------- service/iotjobsdataplane/auth.go | 8 ++++---- service/iotjobsdataplane/endpoints.go | 8 ++------ service/iotjobsdataplane/options.go | 4 ---- service/iotroborunner/api_client.go | 19 +++++++++---------- service/iotroborunner/auth.go | 8 ++++---- service/iotroborunner/endpoints.go | 8 ++------ service/iotroborunner/options.go | 4 ---- service/iotsecuretunneling/api_client.go | 19 +++++++++---------- service/iotsecuretunneling/auth.go | 8 ++++---- service/iotsecuretunneling/endpoints.go | 8 ++------ service/iotsecuretunneling/options.go | 4 ---- service/iotsitewise/api_client.go | 19 +++++++++---------- service/iotsitewise/auth.go | 8 ++++---- service/iotsitewise/endpoints.go | 8 ++------ service/iotsitewise/options.go | 4 ---- service/iotthingsgraph/api_client.go | 19 +++++++++---------- service/iotthingsgraph/auth.go | 8 ++++---- service/iotthingsgraph/endpoints.go | 8 ++------ service/iotthingsgraph/options.go | 4 ---- service/iottwinmaker/api_client.go | 19 +++++++++---------- service/iottwinmaker/auth.go | 8 ++++---- service/iottwinmaker/endpoints.go | 8 ++------ service/iottwinmaker/options.go | 4 ---- service/iotwireless/api_client.go | 19 +++++++++---------- service/iotwireless/auth.go | 8 ++++---- service/iotwireless/endpoints.go | 8 ++------ service/iotwireless/options.go | 4 ---- service/ivs/api_client.go | 19 +++++++++---------- service/ivs/auth.go | 8 ++++---- service/ivs/endpoints.go | 8 ++------ service/ivs/options.go | 4 ---- service/ivschat/api_client.go | 19 +++++++++---------- service/ivschat/auth.go | 8 ++++---- service/ivschat/endpoints.go | 8 ++------ service/ivschat/options.go | 4 ---- service/ivsrealtime/api_client.go | 19 +++++++++---------- service/ivsrealtime/auth.go | 8 ++++---- service/ivsrealtime/endpoints.go | 8 ++------ service/ivsrealtime/options.go | 4 ---- service/kafka/api_client.go | 19 +++++++++---------- service/kafka/auth.go | 8 ++++---- service/kafka/endpoints.go | 8 ++------ service/kafka/options.go | 4 ---- service/kafkaconnect/api_client.go | 19 +++++++++---------- service/kafkaconnect/auth.go | 8 ++++---- service/kafkaconnect/endpoints.go | 8 ++------ service/kafkaconnect/options.go | 4 ---- service/kendra/api_client.go | 19 +++++++++---------- service/kendra/auth.go | 8 ++++---- service/kendra/endpoints.go | 8 ++------ service/kendra/options.go | 4 ---- service/kendraranking/api_client.go | 19 +++++++++---------- service/kendraranking/auth.go | 8 ++++---- service/kendraranking/endpoints.go | 8 ++------ service/kendraranking/options.go | 4 ---- service/keyspaces/api_client.go | 19 +++++++++---------- service/keyspaces/auth.go | 8 ++++---- service/keyspaces/endpoints.go | 8 ++------ service/keyspaces/options.go | 4 ---- service/kinesis/api_client.go | 19 +++++++++---------- service/kinesis/auth.go | 8 ++++---- service/kinesis/endpoints.go | 8 ++------ service/kinesis/options.go | 4 ---- service/kinesisanalytics/api_client.go | 19 +++++++++---------- service/kinesisanalytics/auth.go | 8 ++++---- service/kinesisanalytics/endpoints.go | 8 ++------ service/kinesisanalytics/options.go | 4 ---- service/kinesisanalyticsv2/api_client.go | 19 +++++++++---------- service/kinesisanalyticsv2/auth.go | 8 ++++---- service/kinesisanalyticsv2/endpoints.go | 8 ++------ service/kinesisanalyticsv2/options.go | 4 ---- service/kinesisvideo/api_client.go | 19 +++++++++---------- service/kinesisvideo/auth.go | 8 ++++---- service/kinesisvideo/endpoints.go | 8 ++------ service/kinesisvideo/options.go | 4 ---- .../kinesisvideoarchivedmedia/api_client.go | 19 +++++++++---------- service/kinesisvideoarchivedmedia/auth.go | 8 ++++---- .../kinesisvideoarchivedmedia/endpoints.go | 8 ++------ service/kinesisvideoarchivedmedia/options.go | 4 ---- service/kinesisvideomedia/api_client.go | 19 +++++++++---------- service/kinesisvideomedia/auth.go | 8 ++++---- service/kinesisvideomedia/endpoints.go | 8 ++------ service/kinesisvideomedia/options.go | 4 ---- service/kinesisvideosignaling/api_client.go | 19 +++++++++---------- service/kinesisvideosignaling/auth.go | 8 ++++---- service/kinesisvideosignaling/endpoints.go | 8 ++------ service/kinesisvideosignaling/options.go | 4 ---- .../kinesisvideowebrtcstorage/api_client.go | 19 +++++++++---------- service/kinesisvideowebrtcstorage/auth.go | 8 ++++---- .../kinesisvideowebrtcstorage/endpoints.go | 8 ++------ service/kinesisvideowebrtcstorage/options.go | 4 ---- service/kms/api_client.go | 19 +++++++++---------- service/kms/auth.go | 8 ++++---- service/kms/endpoints.go | 8 ++------ service/kms/options.go | 4 ---- service/lakeformation/api_client.go | 19 +++++++++---------- service/lakeformation/auth.go | 8 ++++---- service/lakeformation/endpoints.go | 8 ++------ service/lakeformation/options.go | 4 ---- service/lambda/api_client.go | 19 +++++++++---------- service/lambda/auth.go | 8 ++++---- service/lambda/endpoints.go | 8 ++------ service/lambda/options.go | 4 ---- service/launchwizard/api_client.go | 19 +++++++++---------- service/launchwizard/auth.go | 8 ++++---- service/launchwizard/endpoints.go | 8 ++------ service/launchwizard/options.go | 4 ---- service/lexmodelbuildingservice/api_client.go | 19 +++++++++---------- service/lexmodelbuildingservice/auth.go | 8 ++++---- service/lexmodelbuildingservice/endpoints.go | 8 ++------ service/lexmodelbuildingservice/options.go | 4 ---- service/lexmodelsv2/api_client.go | 19 +++++++++---------- service/lexmodelsv2/auth.go | 8 ++++---- service/lexmodelsv2/endpoints.go | 8 ++------ service/lexmodelsv2/options.go | 4 ---- service/lexruntimeservice/api_client.go | 19 +++++++++---------- service/lexruntimeservice/auth.go | 8 ++++---- service/lexruntimeservice/endpoints.go | 8 ++------ service/lexruntimeservice/options.go | 4 ---- service/lexruntimev2/api_client.go | 19 +++++++++---------- service/lexruntimev2/auth.go | 8 ++++---- service/lexruntimev2/endpoints.go | 8 ++------ service/lexruntimev2/options.go | 4 ---- service/licensemanager/api_client.go | 19 +++++++++---------- service/licensemanager/auth.go | 8 ++++---- service/licensemanager/endpoints.go | 8 ++------ service/licensemanager/options.go | 4 ---- .../api_client.go | 19 +++++++++---------- .../licensemanagerlinuxsubscriptions/auth.go | 8 ++++---- .../endpoints.go | 8 ++------ .../options.go | 4 ---- .../api_client.go | 19 +++++++++---------- .../licensemanagerusersubscriptions/auth.go | 8 ++++---- .../endpoints.go | 8 ++------ .../options.go | 4 ---- service/lightsail/api_client.go | 19 +++++++++---------- service/lightsail/auth.go | 8 ++++---- service/lightsail/endpoints.go | 8 ++------ service/lightsail/options.go | 4 ---- service/location/api_client.go | 19 +++++++++---------- service/location/auth.go | 8 ++++---- service/location/endpoints.go | 8 ++------ service/location/options.go | 4 ---- service/lookoutequipment/api_client.go | 19 +++++++++---------- service/lookoutequipment/auth.go | 8 ++++---- service/lookoutequipment/endpoints.go | 8 ++------ service/lookoutequipment/options.go | 4 ---- service/lookoutmetrics/api_client.go | 19 +++++++++---------- service/lookoutmetrics/auth.go | 8 ++++---- service/lookoutmetrics/endpoints.go | 8 ++------ service/lookoutmetrics/options.go | 4 ---- service/lookoutvision/api_client.go | 19 +++++++++---------- service/lookoutvision/auth.go | 8 ++++---- service/lookoutvision/endpoints.go | 8 ++------ service/lookoutvision/options.go | 4 ---- service/m2/api_client.go | 19 +++++++++---------- service/m2/auth.go | 8 ++++---- service/m2/endpoints.go | 8 ++------ service/m2/options.go | 4 ---- service/machinelearning/api_client.go | 19 +++++++++---------- service/machinelearning/auth.go | 8 ++++---- service/machinelearning/endpoints.go | 8 ++------ service/machinelearning/options.go | 4 ---- service/macie2/api_client.go | 19 +++++++++---------- service/macie2/auth.go | 8 ++++---- service/macie2/endpoints.go | 8 ++------ service/macie2/options.go | 4 ---- service/managedblockchain/api_client.go | 19 +++++++++---------- service/managedblockchain/auth.go | 8 ++++---- service/managedblockchain/endpoints.go | 8 ++------ service/managedblockchain/options.go | 4 ---- service/managedblockchainquery/api_client.go | 19 +++++++++---------- service/managedblockchainquery/auth.go | 8 ++++---- service/managedblockchainquery/endpoints.go | 8 ++------ service/managedblockchainquery/options.go | 4 ---- service/marketplaceagreement/api_client.go | 19 +++++++++---------- service/marketplaceagreement/auth.go | 8 ++++---- service/marketplaceagreement/endpoints.go | 8 ++------ service/marketplaceagreement/options.go | 4 ---- service/marketplacecatalog/api_client.go | 19 +++++++++---------- service/marketplacecatalog/auth.go | 8 ++++---- service/marketplacecatalog/endpoints.go | 8 ++------ service/marketplacecatalog/options.go | 4 ---- .../api_client.go | 19 +++++++++---------- service/marketplacecommerceanalytics/auth.go | 8 ++++---- .../marketplacecommerceanalytics/endpoints.go | 8 ++------ .../marketplacecommerceanalytics/options.go | 4 ---- service/marketplacedeployment/api_client.go | 19 +++++++++---------- service/marketplacedeployment/auth.go | 8 ++++---- service/marketplacedeployment/endpoints.go | 8 ++------ service/marketplacedeployment/options.go | 4 ---- .../api_client.go | 19 +++++++++---------- service/marketplaceentitlementservice/auth.go | 8 ++++---- .../endpoints.go | 8 ++------ .../marketplaceentitlementservice/options.go | 4 ---- service/marketplacemetering/api_client.go | 19 +++++++++---------- service/marketplacemetering/auth.go | 8 ++++---- service/marketplacemetering/endpoints.go | 8 ++------ service/marketplacemetering/options.go | 4 ---- service/mediaconnect/api_client.go | 19 +++++++++---------- service/mediaconnect/auth.go | 8 ++++---- service/mediaconnect/endpoints.go | 8 ++------ service/mediaconnect/options.go | 4 ---- service/mediaconvert/api_client.go | 19 +++++++++---------- service/mediaconvert/auth.go | 8 ++++---- service/mediaconvert/endpoints.go | 8 ++------ service/mediaconvert/options.go | 4 ---- service/medialive/api_client.go | 19 +++++++++---------- service/medialive/auth.go | 8 ++++---- service/medialive/endpoints.go | 8 ++------ service/medialive/options.go | 4 ---- service/mediapackage/api_client.go | 19 +++++++++---------- service/mediapackage/auth.go | 8 ++++---- service/mediapackage/endpoints.go | 8 ++------ service/mediapackage/options.go | 4 ---- service/mediapackagev2/api_client.go | 19 +++++++++---------- service/mediapackagev2/auth.go | 8 ++++---- service/mediapackagev2/endpoints.go | 8 ++------ service/mediapackagev2/options.go | 4 ---- service/mediapackagevod/api_client.go | 19 +++++++++---------- service/mediapackagevod/auth.go | 8 ++++---- service/mediapackagevod/endpoints.go | 8 ++------ service/mediapackagevod/options.go | 4 ---- service/mediastore/api_client.go | 19 +++++++++---------- service/mediastore/auth.go | 8 ++++---- service/mediastore/endpoints.go | 8 ++------ service/mediastore/options.go | 4 ---- service/mediastoredata/api_client.go | 19 +++++++++---------- service/mediastoredata/auth.go | 8 ++++---- service/mediastoredata/endpoints.go | 8 ++------ service/mediastoredata/options.go | 4 ---- service/mediatailor/api_client.go | 19 +++++++++---------- service/mediatailor/auth.go | 8 ++++---- service/mediatailor/endpoints.go | 8 ++------ service/mediatailor/options.go | 4 ---- service/medicalimaging/api_client.go | 19 +++++++++---------- service/medicalimaging/auth.go | 8 ++++---- service/medicalimaging/endpoints.go | 8 ++------ service/medicalimaging/options.go | 4 ---- service/memorydb/api_client.go | 19 +++++++++---------- service/memorydb/auth.go | 8 ++++---- service/memorydb/endpoints.go | 8 ++------ service/memorydb/options.go | 4 ---- service/mgn/api_client.go | 19 +++++++++---------- service/mgn/auth.go | 8 ++++---- service/mgn/endpoints.go | 8 ++------ service/mgn/options.go | 4 ---- service/migrationhub/api_client.go | 19 +++++++++---------- service/migrationhub/auth.go | 8 ++++---- service/migrationhub/endpoints.go | 8 ++------ service/migrationhub/options.go | 4 ---- service/migrationhubconfig/api_client.go | 19 +++++++++---------- service/migrationhubconfig/auth.go | 8 ++++---- service/migrationhubconfig/endpoints.go | 8 ++------ service/migrationhubconfig/options.go | 4 ---- .../migrationhuborchestrator/api_client.go | 19 +++++++++---------- service/migrationhuborchestrator/auth.go | 8 ++++---- service/migrationhuborchestrator/endpoints.go | 8 ++------ service/migrationhuborchestrator/options.go | 4 ---- .../migrationhubrefactorspaces/api_client.go | 19 +++++++++---------- service/migrationhubrefactorspaces/auth.go | 8 ++++---- .../migrationhubrefactorspaces/endpoints.go | 8 ++------ service/migrationhubrefactorspaces/options.go | 4 ---- service/migrationhubstrategy/api_client.go | 19 +++++++++---------- service/migrationhubstrategy/auth.go | 8 ++++---- service/migrationhubstrategy/endpoints.go | 8 ++------ service/migrationhubstrategy/options.go | 4 ---- service/mobile/api_client.go | 19 +++++++++---------- service/mobile/auth.go | 8 ++++---- service/mobile/endpoints.go | 8 ++------ service/mobile/options.go | 4 ---- service/mq/api_client.go | 19 +++++++++---------- service/mq/auth.go | 8 ++++---- service/mq/endpoints.go | 8 ++------ service/mq/options.go | 4 ---- service/mturk/api_client.go | 19 +++++++++---------- service/mturk/auth.go | 8 ++++---- service/mturk/endpoints.go | 8 ++------ service/mturk/options.go | 4 ---- service/mwaa/api_client.go | 19 +++++++++---------- service/mwaa/auth.go | 8 ++++---- service/mwaa/endpoints.go | 8 ++------ service/mwaa/options.go | 4 ---- service/neptune/api_client.go | 19 +++++++++---------- service/neptune/auth.go | 8 ++++---- service/neptune/endpoints.go | 8 ++------ service/neptune/options.go | 4 ---- service/neptunedata/api_client.go | 19 +++++++++---------- service/neptunedata/auth.go | 8 ++++---- service/neptunedata/endpoints.go | 8 ++------ service/neptunedata/options.go | 4 ---- service/neptunegraph/api_client.go | 19 +++++++++---------- service/neptunegraph/auth.go | 8 ++++---- service/neptunegraph/endpoints.go | 8 ++------ service/neptunegraph/options.go | 4 ---- service/networkfirewall/api_client.go | 19 +++++++++---------- service/networkfirewall/auth.go | 8 ++++---- service/networkfirewall/endpoints.go | 8 ++------ service/networkfirewall/options.go | 4 ---- service/networkmanager/api_client.go | 19 +++++++++---------- service/networkmanager/auth.go | 8 ++++---- service/networkmanager/endpoints.go | 8 ++------ service/networkmanager/options.go | 4 ---- service/networkmonitor/api_client.go | 19 +++++++++---------- service/networkmonitor/auth.go | 8 ++++---- service/networkmonitor/endpoints.go | 8 ++------ service/networkmonitor/options.go | 4 ---- service/nimble/api_client.go | 19 +++++++++---------- service/nimble/auth.go | 8 ++++---- service/nimble/endpoints.go | 8 ++------ service/nimble/options.go | 4 ---- service/oam/api_client.go | 19 +++++++++---------- service/oam/auth.go | 8 ++++---- service/oam/endpoints.go | 8 ++------ service/oam/options.go | 4 ---- service/omics/api_client.go | 19 +++++++++---------- service/omics/auth.go | 8 ++++---- service/omics/endpoints.go | 8 ++------ service/omics/options.go | 4 ---- service/opensearch/api_client.go | 19 +++++++++---------- service/opensearch/auth.go | 8 ++++---- service/opensearch/endpoints.go | 8 ++------ service/opensearch/options.go | 4 ---- service/opensearchserverless/api_client.go | 19 +++++++++---------- service/opensearchserverless/auth.go | 8 ++++---- service/opensearchserverless/endpoints.go | 8 ++------ service/opensearchserverless/options.go | 4 ---- service/opsworks/api_client.go | 19 +++++++++---------- service/opsworks/auth.go | 8 ++++---- service/opsworks/endpoints.go | 8 ++------ service/opsworks/options.go | 4 ---- service/opsworkscm/api_client.go | 19 +++++++++---------- service/opsworkscm/auth.go | 8 ++++---- service/opsworkscm/endpoints.go | 8 ++------ service/opsworkscm/options.go | 4 ---- service/organizations/api_client.go | 19 +++++++++---------- service/organizations/auth.go | 8 ++++---- service/organizations/endpoints.go | 8 ++------ service/organizations/options.go | 4 ---- service/osis/api_client.go | 19 +++++++++---------- service/osis/auth.go | 8 ++++---- service/osis/endpoints.go | 8 ++------ service/osis/options.go | 4 ---- service/outposts/api_client.go | 19 +++++++++---------- service/outposts/auth.go | 8 ++++---- service/outposts/endpoints.go | 8 ++------ service/outposts/options.go | 4 ---- service/panorama/api_client.go | 19 +++++++++---------- service/panorama/auth.go | 8 ++++---- service/panorama/endpoints.go | 8 ++------ service/panorama/options.go | 4 ---- service/paymentcryptography/api_client.go | 19 +++++++++---------- service/paymentcryptography/auth.go | 8 ++++---- service/paymentcryptography/endpoints.go | 8 ++------ service/paymentcryptography/options.go | 4 ---- service/paymentcryptographydata/api_client.go | 19 +++++++++---------- service/paymentcryptographydata/auth.go | 8 ++++---- service/paymentcryptographydata/endpoints.go | 8 ++------ service/paymentcryptographydata/options.go | 4 ---- service/pcaconnectorad/api_client.go | 19 +++++++++---------- service/pcaconnectorad/auth.go | 8 ++++---- service/pcaconnectorad/endpoints.go | 8 ++------ service/pcaconnectorad/options.go | 4 ---- service/personalize/api_client.go | 19 +++++++++---------- service/personalize/auth.go | 8 ++++---- service/personalize/endpoints.go | 8 ++------ service/personalize/options.go | 4 ---- service/personalizeevents/api_client.go | 19 +++++++++---------- service/personalizeevents/auth.go | 8 ++++---- service/personalizeevents/endpoints.go | 8 ++------ service/personalizeevents/options.go | 4 ---- service/personalizeruntime/api_client.go | 19 +++++++++---------- service/personalizeruntime/auth.go | 8 ++++---- service/personalizeruntime/endpoints.go | 8 ++------ service/personalizeruntime/options.go | 4 ---- service/pi/api_client.go | 19 +++++++++---------- service/pi/auth.go | 8 ++++---- service/pi/endpoints.go | 8 ++------ service/pi/options.go | 4 ---- service/pinpoint/api_client.go | 19 +++++++++---------- service/pinpoint/auth.go | 8 ++++---- service/pinpoint/endpoints.go | 8 ++------ service/pinpoint/options.go | 4 ---- service/pinpointemail/api_client.go | 19 +++++++++---------- service/pinpointemail/auth.go | 8 ++++---- service/pinpointemail/endpoints.go | 8 ++------ service/pinpointemail/options.go | 4 ---- service/pinpointsmsvoice/api_client.go | 19 +++++++++---------- service/pinpointsmsvoice/auth.go | 8 ++++---- service/pinpointsmsvoice/endpoints.go | 8 ++------ service/pinpointsmsvoice/options.go | 4 ---- service/pinpointsmsvoicev2/api_client.go | 19 +++++++++---------- service/pinpointsmsvoicev2/auth.go | 8 ++++---- service/pinpointsmsvoicev2/endpoints.go | 8 ++------ service/pinpointsmsvoicev2/options.go | 4 ---- service/pipes/api_client.go | 19 +++++++++---------- service/pipes/auth.go | 8 ++++---- service/pipes/endpoints.go | 8 ++------ service/pipes/options.go | 4 ---- service/polly/api_client.go | 19 +++++++++---------- service/polly/auth.go | 8 ++++---- service/polly/endpoints.go | 8 ++------ service/polly/options.go | 4 ---- service/pricing/api_client.go | 19 +++++++++---------- service/pricing/auth.go | 8 ++++---- service/pricing/endpoints.go | 8 ++------ service/pricing/options.go | 4 ---- service/privatenetworks/api_client.go | 19 +++++++++---------- service/privatenetworks/auth.go | 8 ++++---- service/privatenetworks/endpoints.go | 8 ++------ service/privatenetworks/options.go | 4 ---- service/proton/api_client.go | 19 +++++++++---------- service/proton/auth.go | 8 ++++---- service/proton/endpoints.go | 8 ++------ service/proton/options.go | 4 ---- service/qbusiness/api_client.go | 19 +++++++++---------- service/qbusiness/auth.go | 8 ++++---- service/qbusiness/endpoints.go | 8 ++------ service/qbusiness/options.go | 4 ---- service/qconnect/api_client.go | 19 +++++++++---------- service/qconnect/auth.go | 8 ++++---- service/qconnect/endpoints.go | 8 ++------ service/qconnect/options.go | 4 ---- service/qldb/api_client.go | 19 +++++++++---------- service/qldb/auth.go | 8 ++++---- service/qldb/endpoints.go | 8 ++------ service/qldb/options.go | 4 ---- service/qldbsession/api_client.go | 19 +++++++++---------- service/qldbsession/auth.go | 8 ++++---- service/qldbsession/endpoints.go | 8 ++------ service/qldbsession/options.go | 4 ---- service/quicksight/api_client.go | 19 +++++++++---------- service/quicksight/auth.go | 8 ++++---- service/quicksight/endpoints.go | 8 ++------ service/quicksight/options.go | 4 ---- service/ram/api_client.go | 19 +++++++++---------- service/ram/auth.go | 8 ++++---- service/ram/endpoints.go | 8 ++------ service/ram/options.go | 4 ---- service/rbin/api_client.go | 19 +++++++++---------- service/rbin/auth.go | 8 ++++---- service/rbin/endpoints.go | 8 ++------ service/rbin/options.go | 4 ---- service/rds/api_client.go | 19 +++++++++---------- service/rds/auth.go | 8 ++++---- service/rds/endpoints.go | 8 ++------ service/rds/options.go | 4 ---- service/rdsdata/api_client.go | 19 +++++++++---------- service/rdsdata/auth.go | 8 ++++---- service/rdsdata/endpoints.go | 8 ++------ service/rdsdata/options.go | 4 ---- service/redshift/api_client.go | 19 +++++++++---------- service/redshift/auth.go | 8 ++++---- service/redshift/endpoints.go | 8 ++------ service/redshift/options.go | 4 ---- service/redshiftdata/api_client.go | 19 +++++++++---------- service/redshiftdata/auth.go | 8 ++++---- service/redshiftdata/endpoints.go | 8 ++------ service/redshiftdata/options.go | 4 ---- service/redshiftserverless/api_client.go | 19 +++++++++---------- service/redshiftserverless/auth.go | 8 ++++---- service/redshiftserverless/endpoints.go | 8 ++------ service/redshiftserverless/options.go | 4 ---- service/rekognition/api_client.go | 19 +++++++++---------- service/rekognition/auth.go | 8 ++++---- service/rekognition/endpoints.go | 8 ++------ service/rekognition/options.go | 4 ---- service/repostspace/api_client.go | 19 +++++++++---------- service/repostspace/auth.go | 8 ++++---- service/repostspace/endpoints.go | 8 ++------ service/repostspace/options.go | 4 ---- service/resiliencehub/api_client.go | 19 +++++++++---------- service/resiliencehub/auth.go | 8 ++++---- service/resiliencehub/endpoints.go | 8 ++------ service/resiliencehub/options.go | 4 ---- service/resourceexplorer2/api_client.go | 19 +++++++++---------- service/resourceexplorer2/auth.go | 8 ++++---- service/resourceexplorer2/endpoints.go | 8 ++------ service/resourceexplorer2/options.go | 4 ---- service/resourcegroups/api_client.go | 19 +++++++++---------- service/resourcegroups/auth.go | 8 ++++---- service/resourcegroups/endpoints.go | 8 ++------ service/resourcegroups/options.go | 4 ---- .../resourcegroupstaggingapi/api_client.go | 19 +++++++++---------- service/resourcegroupstaggingapi/auth.go | 8 ++++---- service/resourcegroupstaggingapi/endpoints.go | 8 ++------ service/resourcegroupstaggingapi/options.go | 4 ---- service/robomaker/api_client.go | 19 +++++++++---------- service/robomaker/auth.go | 8 ++++---- service/robomaker/endpoints.go | 8 ++------ service/robomaker/options.go | 4 ---- service/rolesanywhere/api_client.go | 19 +++++++++---------- service/rolesanywhere/auth.go | 8 ++++---- service/rolesanywhere/endpoints.go | 8 ++------ service/rolesanywhere/options.go | 4 ---- service/route53/api_client.go | 19 +++++++++---------- service/route53/auth.go | 8 ++++---- service/route53/endpoints.go | 8 ++------ service/route53/options.go | 4 ---- service/route53domains/api_client.go | 19 +++++++++---------- service/route53domains/auth.go | 8 ++++---- service/route53domains/endpoints.go | 8 ++------ service/route53domains/options.go | 4 ---- service/route53recoverycluster/api_client.go | 19 +++++++++---------- service/route53recoverycluster/auth.go | 8 ++++---- service/route53recoverycluster/endpoints.go | 8 ++------ service/route53recoverycluster/options.go | 4 ---- .../api_client.go | 19 +++++++++---------- service/route53recoverycontrolconfig/auth.go | 8 ++++---- .../route53recoverycontrolconfig/endpoints.go | 8 ++------ .../route53recoverycontrolconfig/options.go | 4 ---- .../route53recoveryreadiness/api_client.go | 19 +++++++++---------- service/route53recoveryreadiness/auth.go | 8 ++++---- service/route53recoveryreadiness/endpoints.go | 8 ++------ service/route53recoveryreadiness/options.go | 4 ---- service/route53resolver/api_client.go | 19 +++++++++---------- service/route53resolver/auth.go | 8 ++++---- service/route53resolver/endpoints.go | 8 ++------ service/route53resolver/options.go | 4 ---- service/rum/api_client.go | 19 +++++++++---------- service/rum/auth.go | 8 ++++---- service/rum/endpoints.go | 8 ++------ service/rum/options.go | 4 ---- service/s3/api_client.go | 19 +++++++++---------- service/s3/auth.go | 14 +++++++------- service/s3/endpoints.go | 8 ++------ service/s3/options.go | 4 ---- service/s3control/api_client.go | 19 +++++++++---------- service/s3control/auth.go | 8 ++++---- service/s3control/endpoints.go | 8 ++------ service/s3control/options.go | 4 ---- service/s3outposts/api_client.go | 19 +++++++++---------- service/s3outposts/auth.go | 8 ++++---- service/s3outposts/endpoints.go | 8 ++------ service/s3outposts/options.go | 4 ---- service/sagemaker/api_client.go | 19 +++++++++---------- service/sagemaker/auth.go | 8 ++++---- service/sagemaker/endpoints.go | 8 ++------ service/sagemaker/options.go | 4 ---- service/sagemakera2iruntime/api_client.go | 19 +++++++++---------- service/sagemakera2iruntime/auth.go | 8 ++++---- service/sagemakera2iruntime/endpoints.go | 8 ++------ service/sagemakera2iruntime/options.go | 4 ---- service/sagemakeredge/api_client.go | 19 +++++++++---------- service/sagemakeredge/auth.go | 8 ++++---- service/sagemakeredge/endpoints.go | 8 ++------ service/sagemakeredge/options.go | 4 ---- .../api_client.go | 19 +++++++++---------- service/sagemakerfeaturestoreruntime/auth.go | 8 ++++---- .../sagemakerfeaturestoreruntime/endpoints.go | 8 ++------ .../sagemakerfeaturestoreruntime/options.go | 4 ---- service/sagemakergeospatial/api_client.go | 19 +++++++++---------- service/sagemakergeospatial/auth.go | 8 ++++---- service/sagemakergeospatial/endpoints.go | 8 ++------ service/sagemakergeospatial/options.go | 4 ---- service/sagemakermetrics/api_client.go | 19 +++++++++---------- service/sagemakermetrics/auth.go | 8 ++++---- service/sagemakermetrics/endpoints.go | 8 ++------ service/sagemakermetrics/options.go | 4 ---- service/sagemakerruntime/api_client.go | 19 +++++++++---------- service/sagemakerruntime/auth.go | 8 ++++---- service/sagemakerruntime/endpoints.go | 8 ++------ service/sagemakerruntime/options.go | 4 ---- service/savingsplans/api_client.go | 19 +++++++++---------- service/savingsplans/auth.go | 8 ++++---- service/savingsplans/endpoints.go | 8 ++------ service/savingsplans/options.go | 4 ---- service/scheduler/api_client.go | 19 +++++++++---------- service/scheduler/auth.go | 8 ++++---- service/scheduler/endpoints.go | 8 ++------ service/scheduler/options.go | 4 ---- service/schemas/api_client.go | 19 +++++++++---------- service/schemas/auth.go | 8 ++++---- service/schemas/endpoints.go | 8 ++------ service/schemas/options.go | 4 ---- service/secretsmanager/api_client.go | 19 +++++++++---------- service/secretsmanager/auth.go | 8 ++++---- service/secretsmanager/endpoints.go | 8 ++------ service/secretsmanager/options.go | 4 ---- service/securityhub/api_client.go | 19 +++++++++---------- service/securityhub/auth.go | 8 ++++---- service/securityhub/endpoints.go | 8 ++------ service/securityhub/options.go | 4 ---- service/securitylake/api_client.go | 19 +++++++++---------- service/securitylake/auth.go | 8 ++++---- service/securitylake/endpoints.go | 8 ++------ service/securitylake/options.go | 4 ---- .../api_client.go | 19 +++++++++---------- .../serverlessapplicationrepository/auth.go | 8 ++++---- .../endpoints.go | 8 ++------ .../options.go | 4 ---- service/servicecatalog/api_client.go | 19 +++++++++---------- service/servicecatalog/auth.go | 8 ++++---- service/servicecatalog/endpoints.go | 8 ++------ service/servicecatalog/options.go | 4 ---- .../servicecatalogappregistry/api_client.go | 19 +++++++++---------- service/servicecatalogappregistry/auth.go | 8 ++++---- .../servicecatalogappregistry/endpoints.go | 8 ++------ service/servicecatalogappregistry/options.go | 4 ---- service/servicediscovery/api_client.go | 19 +++++++++---------- service/servicediscovery/auth.go | 8 ++++---- service/servicediscovery/endpoints.go | 8 ++------ service/servicediscovery/options.go | 4 ---- service/servicequotas/api_client.go | 19 +++++++++---------- service/servicequotas/auth.go | 8 ++++---- service/servicequotas/endpoints.go | 8 ++------ service/servicequotas/options.go | 4 ---- service/ses/api_client.go | 19 +++++++++---------- service/ses/auth.go | 8 ++++---- service/ses/endpoints.go | 8 ++------ service/ses/options.go | 4 ---- service/sesv2/api_client.go | 19 +++++++++---------- service/sesv2/auth.go | 8 ++++---- service/sesv2/endpoints.go | 8 ++------ service/sesv2/options.go | 4 ---- service/sfn/api_client.go | 19 +++++++++---------- service/sfn/auth.go | 8 ++++---- service/sfn/endpoints.go | 8 ++------ service/sfn/options.go | 4 ---- service/shield/api_client.go | 19 +++++++++---------- service/shield/auth.go | 8 ++++---- service/shield/endpoints.go | 8 ++------ service/shield/options.go | 4 ---- service/signer/api_client.go | 19 +++++++++---------- service/signer/auth.go | 8 ++++---- service/signer/endpoints.go | 8 ++------ service/signer/options.go | 4 ---- service/simspaceweaver/api_client.go | 19 +++++++++---------- service/simspaceweaver/auth.go | 8 ++++---- service/simspaceweaver/endpoints.go | 8 ++------ service/simspaceweaver/options.go | 4 ---- service/sms/api_client.go | 19 +++++++++---------- service/sms/auth.go | 8 ++++---- service/sms/endpoints.go | 8 ++------ service/sms/options.go | 4 ---- service/snowball/api_client.go | 19 +++++++++---------- service/snowball/auth.go | 8 ++++---- service/snowball/endpoints.go | 8 ++------ service/snowball/options.go | 4 ---- service/snowdevicemanagement/api_client.go | 19 +++++++++---------- service/snowdevicemanagement/auth.go | 8 ++++---- service/snowdevicemanagement/endpoints.go | 8 ++------ service/snowdevicemanagement/options.go | 4 ---- service/sns/api_client.go | 19 +++++++++---------- service/sns/auth.go | 8 ++++---- service/sns/endpoints.go | 8 ++------ service/sns/options.go | 4 ---- service/sqs/api_client.go | 19 +++++++++---------- service/sqs/auth.go | 8 ++++---- service/sqs/endpoints.go | 8 ++------ service/sqs/options.go | 4 ---- service/ssm/api_client.go | 19 +++++++++---------- service/ssm/auth.go | 8 ++++---- service/ssm/endpoints.go | 8 ++------ service/ssm/options.go | 4 ---- service/ssmcontacts/api_client.go | 19 +++++++++---------- service/ssmcontacts/auth.go | 8 ++++---- service/ssmcontacts/endpoints.go | 8 ++------ service/ssmcontacts/options.go | 4 ---- service/ssmincidents/api_client.go | 19 +++++++++---------- service/ssmincidents/auth.go | 8 ++++---- service/ssmincidents/endpoints.go | 8 ++------ service/ssmincidents/options.go | 4 ---- service/ssmsap/api_client.go | 19 +++++++++---------- service/ssmsap/auth.go | 8 ++++---- service/ssmsap/endpoints.go | 8 ++------ service/ssmsap/options.go | 4 ---- service/sso/api_client.go | 19 +++++++++---------- service/sso/auth.go | 8 ++++---- service/sso/endpoints.go | 8 ++------ service/sso/options.go | 4 ---- service/ssoadmin/api_client.go | 19 +++++++++---------- service/ssoadmin/auth.go | 8 ++++---- service/ssoadmin/endpoints.go | 8 ++------ service/ssoadmin/options.go | 4 ---- service/ssooidc/api_client.go | 19 +++++++++---------- service/ssooidc/auth.go | 8 ++++---- service/ssooidc/endpoints.go | 8 ++------ service/ssooidc/options.go | 4 ---- service/storagegateway/api_client.go | 19 +++++++++---------- service/storagegateway/auth.go | 8 ++++---- service/storagegateway/endpoints.go | 8 ++------ service/storagegateway/options.go | 4 ---- service/sts/api_client.go | 19 +++++++++---------- service/sts/auth.go | 8 ++++---- service/sts/endpoints.go | 8 ++------ service/sts/options.go | 4 ---- service/support/api_client.go | 19 +++++++++---------- service/support/auth.go | 8 ++++---- service/support/endpoints.go | 8 ++------ service/support/options.go | 4 ---- service/supportapp/api_client.go | 19 +++++++++---------- service/supportapp/auth.go | 8 ++++---- service/supportapp/endpoints.go | 8 ++------ service/supportapp/options.go | 4 ---- service/swf/api_client.go | 19 +++++++++---------- service/swf/auth.go | 8 ++++---- service/swf/endpoints.go | 8 ++------ service/swf/options.go | 4 ---- service/synthetics/api_client.go | 19 +++++++++---------- service/synthetics/auth.go | 8 ++++---- service/synthetics/endpoints.go | 8 ++------ service/synthetics/options.go | 4 ---- service/textract/api_client.go | 19 +++++++++---------- service/textract/auth.go | 8 ++++---- service/textract/endpoints.go | 8 ++------ service/textract/options.go | 4 ---- service/timestreamquery/api_client.go | 19 +++++++++---------- service/timestreamquery/auth.go | 8 ++++---- service/timestreamquery/endpoints.go | 8 ++------ service/timestreamquery/options.go | 4 ---- service/timestreamwrite/api_client.go | 19 +++++++++---------- service/timestreamwrite/auth.go | 8 ++++---- service/timestreamwrite/endpoints.go | 8 ++------ service/timestreamwrite/options.go | 4 ---- service/tnb/api_client.go | 19 +++++++++---------- service/tnb/auth.go | 8 ++++---- service/tnb/endpoints.go | 8 ++------ service/tnb/options.go | 4 ---- service/transcribe/api_client.go | 19 +++++++++---------- service/transcribe/auth.go | 8 ++++---- service/transcribe/endpoints.go | 8 ++------ service/transcribe/options.go | 4 ---- service/transcribestreaming/api_client.go | 19 +++++++++---------- service/transcribestreaming/auth.go | 8 ++++---- service/transcribestreaming/endpoints.go | 8 ++------ service/transcribestreaming/options.go | 4 ---- service/transfer/api_client.go | 19 +++++++++---------- service/transfer/auth.go | 8 ++++---- service/transfer/endpoints.go | 8 ++------ service/transfer/options.go | 4 ---- service/translate/api_client.go | 19 +++++++++---------- service/translate/auth.go | 8 ++++---- service/translate/endpoints.go | 8 ++------ service/translate/options.go | 4 ---- service/trustedadvisor/api_client.go | 19 +++++++++---------- service/trustedadvisor/auth.go | 8 ++++---- service/trustedadvisor/endpoints.go | 8 ++------ service/trustedadvisor/options.go | 4 ---- service/verifiedpermissions/api_client.go | 19 +++++++++---------- service/verifiedpermissions/auth.go | 8 ++++---- service/verifiedpermissions/endpoints.go | 8 ++------ service/verifiedpermissions/options.go | 4 ---- service/voiceid/api_client.go | 19 +++++++++---------- service/voiceid/auth.go | 8 ++++---- service/voiceid/endpoints.go | 8 ++------ service/voiceid/options.go | 4 ---- service/vpclattice/api_client.go | 19 +++++++++---------- service/vpclattice/auth.go | 8 ++++---- service/vpclattice/endpoints.go | 8 ++------ service/vpclattice/options.go | 4 ---- service/waf/api_client.go | 19 +++++++++---------- service/waf/auth.go | 8 ++++---- service/waf/endpoints.go | 8 ++------ service/waf/options.go | 4 ---- service/wafregional/api_client.go | 19 +++++++++---------- service/wafregional/auth.go | 8 ++++---- service/wafregional/endpoints.go | 8 ++------ service/wafregional/options.go | 4 ---- service/wafv2/api_client.go | 19 +++++++++---------- service/wafv2/auth.go | 8 ++++---- service/wafv2/endpoints.go | 8 ++------ service/wafv2/options.go | 4 ---- service/wellarchitected/api_client.go | 19 +++++++++---------- service/wellarchitected/auth.go | 8 ++++---- service/wellarchitected/endpoints.go | 8 ++------ service/wellarchitected/options.go | 4 ---- service/wisdom/api_client.go | 19 +++++++++---------- service/wisdom/auth.go | 8 ++++---- service/wisdom/endpoints.go | 8 ++------ service/wisdom/options.go | 4 ---- service/workdocs/api_client.go | 19 +++++++++---------- service/workdocs/auth.go | 8 ++++---- service/workdocs/endpoints.go | 8 ++------ service/workdocs/options.go | 4 ---- service/worklink/api_client.go | 19 +++++++++---------- service/worklink/auth.go | 8 ++++---- service/worklink/endpoints.go | 8 ++------ service/worklink/options.go | 4 ---- service/workmail/api_client.go | 19 +++++++++---------- service/workmail/auth.go | 8 ++++---- service/workmail/endpoints.go | 8 ++------ service/workmail/options.go | 4 ---- service/workmailmessageflow/api_client.go | 19 +++++++++---------- service/workmailmessageflow/auth.go | 8 ++++---- service/workmailmessageflow/endpoints.go | 8 ++------ service/workmailmessageflow/options.go | 4 ---- service/workspaces/api_client.go | 19 +++++++++---------- service/workspaces/auth.go | 8 ++++---- service/workspaces/endpoints.go | 8 ++------ service/workspaces/options.go | 4 ---- service/workspacesthinclient/api_client.go | 19 +++++++++---------- service/workspacesthinclient/auth.go | 8 ++++---- service/workspacesthinclient/endpoints.go | 8 ++------ service/workspacesthinclient/options.go | 4 ---- service/workspacesweb/api_client.go | 19 +++++++++---------- service/workspacesweb/auth.go | 8 ++++---- service/workspacesweb/endpoints.go | 8 ++------ service/workspacesweb/options.go | 4 ---- service/xray/api_client.go | 19 +++++++++---------- service/xray/auth.go | 8 ++++---- service/xray/endpoints.go | 8 ++------ service/xray/options.go | 4 ---- 1517 files changed, 5629 insertions(+), 9030 deletions(-) diff --git a/internal/protocoltest/awsrestjson/api_client.go b/internal/protocoltest/awsrestjson/api_client.go index 60d47cc05d0..f39aaad726d 100644 --- a/internal/protocoltest/awsrestjson/api_client.go +++ b/internal/protocoltest/awsrestjson/api_client.go @@ -229,7 +229,6 @@ func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { AppID: cfg.AppID, DisableRequestCompression: cfg.DisableRequestCompression, RequestMinCompressSizeBytes: cfg.RequestMinCompressSizeBytes, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/internal/protocoltest/awsrestjson/auth.go b/internal/protocoltest/awsrestjson/auth.go index 8cd6466de59..5564edd67f6 100644 --- a/internal/protocoltest/awsrestjson/auth.go +++ b/internal/protocoltest/awsrestjson/auth.go @@ -83,7 +83,7 @@ type AuthResolverParameters struct { Operation string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } @@ -128,7 +128,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/internal/protocoltest/awsrestjson/options.go b/internal/protocoltest/awsrestjson/options.go index 4888d840c06..bd2bd6a9f84 100644 --- a/internal/protocoltest/awsrestjson/options.go +++ b/internal/protocoltest/awsrestjson/options.go @@ -4,7 +4,6 @@ package awsrestjson import ( "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" smithyauth "github.com/aws/smithy-go/auth" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -22,9 +21,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/internal/protocoltest/ec2query/api_client.go b/internal/protocoltest/ec2query/api_client.go index fdf1e5b0dbd..3891cf31616 100644 --- a/internal/protocoltest/ec2query/api_client.go +++ b/internal/protocoltest/ec2query/api_client.go @@ -229,7 +229,6 @@ func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { AppID: cfg.AppID, DisableRequestCompression: cfg.DisableRequestCompression, RequestMinCompressSizeBytes: cfg.RequestMinCompressSizeBytes, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/internal/protocoltest/ec2query/auth.go b/internal/protocoltest/ec2query/auth.go index bfb186c7784..3d784083847 100644 --- a/internal/protocoltest/ec2query/auth.go +++ b/internal/protocoltest/ec2query/auth.go @@ -83,7 +83,7 @@ type AuthResolverParameters struct { Operation string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } @@ -128,7 +128,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/internal/protocoltest/ec2query/options.go b/internal/protocoltest/ec2query/options.go index 19f5a3024cc..d8e99b30bb7 100644 --- a/internal/protocoltest/ec2query/options.go +++ b/internal/protocoltest/ec2query/options.go @@ -4,7 +4,6 @@ package ec2query import ( "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" smithyauth "github.com/aws/smithy-go/auth" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -22,9 +21,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/internal/protocoltest/jsonrpc/api_client.go b/internal/protocoltest/jsonrpc/api_client.go index f1639103877..ff4a333d31d 100644 --- a/internal/protocoltest/jsonrpc/api_client.go +++ b/internal/protocoltest/jsonrpc/api_client.go @@ -241,7 +241,6 @@ func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { AppID: cfg.AppID, DisableRequestCompression: cfg.DisableRequestCompression, RequestMinCompressSizeBytes: cfg.RequestMinCompressSizeBytes, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/internal/protocoltest/jsonrpc/auth.go b/internal/protocoltest/jsonrpc/auth.go index c6f742411b4..b5ccf33dfc6 100644 --- a/internal/protocoltest/jsonrpc/auth.go +++ b/internal/protocoltest/jsonrpc/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/internal/protocoltest/jsonrpc/options.go b/internal/protocoltest/jsonrpc/options.go index f5d05d9593a..9630316047b 100644 --- a/internal/protocoltest/jsonrpc/options.go +++ b/internal/protocoltest/jsonrpc/options.go @@ -5,7 +5,6 @@ package jsonrpc import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/internal/protocoltest/jsonrpc10/api_client.go b/internal/protocoltest/jsonrpc10/api_client.go index 076802e155f..99dcc289328 100644 --- a/internal/protocoltest/jsonrpc10/api_client.go +++ b/internal/protocoltest/jsonrpc10/api_client.go @@ -225,7 +225,6 @@ func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { AppID: cfg.AppID, DisableRequestCompression: cfg.DisableRequestCompression, RequestMinCompressSizeBytes: cfg.RequestMinCompressSizeBytes, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/internal/protocoltest/jsonrpc10/auth.go b/internal/protocoltest/jsonrpc10/auth.go index ac45cbb5954..463ee3e7df5 100644 --- a/internal/protocoltest/jsonrpc10/auth.go +++ b/internal/protocoltest/jsonrpc10/auth.go @@ -83,7 +83,7 @@ type AuthResolverParameters struct { Operation string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } @@ -128,7 +128,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/internal/protocoltest/jsonrpc10/options.go b/internal/protocoltest/jsonrpc10/options.go index db57e9edb1c..cefe9ff7d38 100644 --- a/internal/protocoltest/jsonrpc10/options.go +++ b/internal/protocoltest/jsonrpc10/options.go @@ -4,7 +4,6 @@ package jsonrpc10 import ( "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" smithyauth "github.com/aws/smithy-go/auth" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -22,9 +21,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/internal/protocoltest/query/api_client.go b/internal/protocoltest/query/api_client.go index f094b7d1e32..64a2d3e118a 100644 --- a/internal/protocoltest/query/api_client.go +++ b/internal/protocoltest/query/api_client.go @@ -229,7 +229,6 @@ func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { AppID: cfg.AppID, DisableRequestCompression: cfg.DisableRequestCompression, RequestMinCompressSizeBytes: cfg.RequestMinCompressSizeBytes, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/internal/protocoltest/query/auth.go b/internal/protocoltest/query/auth.go index e1f358394df..e6417c9b6ca 100644 --- a/internal/protocoltest/query/auth.go +++ b/internal/protocoltest/query/auth.go @@ -83,7 +83,7 @@ type AuthResolverParameters struct { Operation string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } @@ -128,7 +128,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/internal/protocoltest/query/options.go b/internal/protocoltest/query/options.go index e5cf58834ed..61469fff7a7 100644 --- a/internal/protocoltest/query/options.go +++ b/internal/protocoltest/query/options.go @@ -4,7 +4,6 @@ package query import ( "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" smithyauth "github.com/aws/smithy-go/auth" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -22,9 +21,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/internal/protocoltest/restxml/api_client.go b/internal/protocoltest/restxml/api_client.go index eabaa072fae..fc4c369fb43 100644 --- a/internal/protocoltest/restxml/api_client.go +++ b/internal/protocoltest/restxml/api_client.go @@ -229,7 +229,6 @@ func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { AppID: cfg.AppID, DisableRequestCompression: cfg.DisableRequestCompression, RequestMinCompressSizeBytes: cfg.RequestMinCompressSizeBytes, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/internal/protocoltest/restxml/auth.go b/internal/protocoltest/restxml/auth.go index b9817d2bf83..279fa13ea46 100644 --- a/internal/protocoltest/restxml/auth.go +++ b/internal/protocoltest/restxml/auth.go @@ -83,7 +83,7 @@ type AuthResolverParameters struct { Operation string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } @@ -128,7 +128,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/internal/protocoltest/restxml/options.go b/internal/protocoltest/restxml/options.go index b1d753c95a2..e5c0a3daa4d 100644 --- a/internal/protocoltest/restxml/options.go +++ b/internal/protocoltest/restxml/options.go @@ -4,7 +4,6 @@ package restxml import ( "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" smithyauth "github.com/aws/smithy-go/auth" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -22,9 +21,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/internal/protocoltest/restxmlwithnamespace/api_client.go b/internal/protocoltest/restxmlwithnamespace/api_client.go index 853562924b9..f7f813d4425 100644 --- a/internal/protocoltest/restxmlwithnamespace/api_client.go +++ b/internal/protocoltest/restxmlwithnamespace/api_client.go @@ -215,15 +215,14 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/internal/protocoltest/restxmlwithnamespace/auth.go b/internal/protocoltest/restxmlwithnamespace/auth.go index 1b7134edeb1..8128ce90d17 100644 --- a/internal/protocoltest/restxmlwithnamespace/auth.go +++ b/internal/protocoltest/restxmlwithnamespace/auth.go @@ -83,7 +83,7 @@ type AuthResolverParameters struct { Operation string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } @@ -128,7 +128,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/internal/protocoltest/restxmlwithnamespace/options.go b/internal/protocoltest/restxmlwithnamespace/options.go index 575a0b8f5e3..0317b3c75c3 100644 --- a/internal/protocoltest/restxmlwithnamespace/options.go +++ b/internal/protocoltest/restxmlwithnamespace/options.go @@ -4,7 +4,6 @@ package restxmlwithnamespace import ( "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" smithyauth "github.com/aws/smithy-go/auth" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -22,9 +21,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/accessanalyzer/api_client.go b/service/accessanalyzer/api_client.go index 4a9c29dc185..87752cca15f 100644 --- a/service/accessanalyzer/api_client.go +++ b/service/accessanalyzer/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/accessanalyzer/auth.go b/service/accessanalyzer/auth.go index f3fb5ad689f..dc7e2e64c13 100644 --- a/service/accessanalyzer/auth.go +++ b/service/accessanalyzer/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/accessanalyzer/endpoints.go b/service/accessanalyzer/endpoints.go index 610649f0707..a9c6242d84f 100644 --- a/service/accessanalyzer/endpoints.go +++ b/service/accessanalyzer/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -459,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,9 +487,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -501,7 +497,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/accessanalyzer/options.go b/service/accessanalyzer/options.go index 5e67cb87f7b..ca4b79fb918 100644 --- a/service/accessanalyzer/options.go +++ b/service/accessanalyzer/options.go @@ -5,7 +5,6 @@ package accessanalyzer import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/account/api_client.go b/service/account/api_client.go index e043b3f2a53..c6a89552b28 100644 --- a/service/account/api_client.go +++ b/service/account/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/account/auth.go b/service/account/auth.go index dd31fcc8c14..eff6c3b0bd8 100644 --- a/service/account/auth.go +++ b/service/account/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/account/endpoints.go b/service/account/endpoints.go index ea7328dd9ee..ce40b437d69 100644 --- a/service/account/endpoints.go +++ b/service/account/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -509,7 +508,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -538,9 +537,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -551,7 +547,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/account/options.go b/service/account/options.go index e65adf1c843..b346281233b 100644 --- a/service/account/options.go +++ b/service/account/options.go @@ -5,7 +5,6 @@ package account import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/acm/api_client.go b/service/acm/api_client.go index 664aa2d443b..809d8f6c04d 100644 --- a/service/acm/api_client.go +++ b/service/acm/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/acm/auth.go b/service/acm/auth.go index 403868c1d8a..d835fd61fad 100644 --- a/service/acm/auth.go +++ b/service/acm/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/acm/endpoints.go b/service/acm/endpoints.go index c7fa15b68e3..99e9012a1c1 100644 --- a/service/acm/endpoints.go +++ b/service/acm/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -459,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,9 +487,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -501,7 +497,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/acm/options.go b/service/acm/options.go index 09d25127f96..77edd733ce1 100644 --- a/service/acm/options.go +++ b/service/acm/options.go @@ -5,7 +5,6 @@ package acm import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/acmpca/api_client.go b/service/acmpca/api_client.go index 1b4a5601560..9bf06d8be05 100644 --- a/service/acmpca/api_client.go +++ b/service/acmpca/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/acmpca/auth.go b/service/acmpca/auth.go index 7f6a694417c..69b02aca23d 100644 --- a/service/acmpca/auth.go +++ b/service/acmpca/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/acmpca/endpoints.go b/service/acmpca/endpoints.go index 29b2313284e..c7c9ca209d5 100644 --- a/service/acmpca/endpoints.go +++ b/service/acmpca/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -459,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,9 +487,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -501,7 +497,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/acmpca/options.go b/service/acmpca/options.go index 2d99de64512..8ac2813ff96 100644 --- a/service/acmpca/options.go +++ b/service/acmpca/options.go @@ -5,7 +5,6 @@ package acmpca import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/alexaforbusiness/api_client.go b/service/alexaforbusiness/api_client.go index 962e464dca5..c0959168693 100644 --- a/service/alexaforbusiness/api_client.go +++ b/service/alexaforbusiness/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/alexaforbusiness/auth.go b/service/alexaforbusiness/auth.go index b453545b525..dc24f714049 100644 --- a/service/alexaforbusiness/auth.go +++ b/service/alexaforbusiness/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/alexaforbusiness/endpoints.go b/service/alexaforbusiness/endpoints.go index b484045bc8d..33eeaaff954 100644 --- a/service/alexaforbusiness/endpoints.go +++ b/service/alexaforbusiness/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/alexaforbusiness/options.go b/service/alexaforbusiness/options.go index df18f270f54..5d9b44d937b 100644 --- a/service/alexaforbusiness/options.go +++ b/service/alexaforbusiness/options.go @@ -5,7 +5,6 @@ package alexaforbusiness import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/amp/api_client.go b/service/amp/api_client.go index 660398434e1..96a64cf9f3b 100644 --- a/service/amp/api_client.go +++ b/service/amp/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/amp/auth.go b/service/amp/auth.go index 8e17d4436ad..8e90d81a4bd 100644 --- a/service/amp/auth.go +++ b/service/amp/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/amp/endpoints.go b/service/amp/endpoints.go index ac5734123a3..8d80154d1f3 100644 --- a/service/amp/endpoints.go +++ b/service/amp/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/amp/options.go b/service/amp/options.go index 78805d53d0c..829dbabaa8f 100644 --- a/service/amp/options.go +++ b/service/amp/options.go @@ -5,7 +5,6 @@ package amp import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/amplify/api_client.go b/service/amplify/api_client.go index 2953869c7fd..73e329e4a84 100644 --- a/service/amplify/api_client.go +++ b/service/amplify/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/amplify/auth.go b/service/amplify/auth.go index 5636338c457..fab9ad320e9 100644 --- a/service/amplify/auth.go +++ b/service/amplify/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/amplify/endpoints.go b/service/amplify/endpoints.go index 3ba17a56d1f..b707379f4cb 100644 --- a/service/amplify/endpoints.go +++ b/service/amplify/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/amplify/options.go b/service/amplify/options.go index c719e28e281..3a64da839b1 100644 --- a/service/amplify/options.go +++ b/service/amplify/options.go @@ -5,7 +5,6 @@ package amplify import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/amplifybackend/api_client.go b/service/amplifybackend/api_client.go index b7a6869b355..47f64ea77b6 100644 --- a/service/amplifybackend/api_client.go +++ b/service/amplifybackend/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/amplifybackend/auth.go b/service/amplifybackend/auth.go index 7f9ecc16f39..88e12264988 100644 --- a/service/amplifybackend/auth.go +++ b/service/amplifybackend/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/amplifybackend/endpoints.go b/service/amplifybackend/endpoints.go index 0eb19899e5a..48c29f8dddb 100644 --- a/service/amplifybackend/endpoints.go +++ b/service/amplifybackend/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/amplifybackend/options.go b/service/amplifybackend/options.go index 9b63e113ed8..0dac28bfee7 100644 --- a/service/amplifybackend/options.go +++ b/service/amplifybackend/options.go @@ -5,7 +5,6 @@ package amplifybackend import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/amplifyuibuilder/api_client.go b/service/amplifyuibuilder/api_client.go index 93bf403f266..8c8b73ba9a9 100644 --- a/service/amplifyuibuilder/api_client.go +++ b/service/amplifyuibuilder/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/amplifyuibuilder/auth.go b/service/amplifyuibuilder/auth.go index 399fb66caaa..213f2652aa1 100644 --- a/service/amplifyuibuilder/auth.go +++ b/service/amplifyuibuilder/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/amplifyuibuilder/endpoints.go b/service/amplifyuibuilder/endpoints.go index 4bd35af5f4c..bbb43b081cf 100644 --- a/service/amplifyuibuilder/endpoints.go +++ b/service/amplifyuibuilder/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/amplifyuibuilder/options.go b/service/amplifyuibuilder/options.go index a019dab88d4..bdbd6f5f287 100644 --- a/service/amplifyuibuilder/options.go +++ b/service/amplifyuibuilder/options.go @@ -5,7 +5,6 @@ package amplifyuibuilder import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/apigateway/api_client.go b/service/apigateway/api_client.go index 4f324c836ce..347be8c229e 100644 --- a/service/apigateway/api_client.go +++ b/service/apigateway/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/apigateway/auth.go b/service/apigateway/auth.go index 2d4f1e75bfc..2ff757469f6 100644 --- a/service/apigateway/auth.go +++ b/service/apigateway/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/apigateway/endpoints.go b/service/apigateway/endpoints.go index e82d51a6c75..67e8f9896f7 100644 --- a/service/apigateway/endpoints.go +++ b/service/apigateway/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/apigateway/options.go b/service/apigateway/options.go index eedbec4f726..2eeaf81d95a 100644 --- a/service/apigateway/options.go +++ b/service/apigateway/options.go @@ -5,7 +5,6 @@ package apigateway import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/apigatewaymanagementapi/api_client.go b/service/apigatewaymanagementapi/api_client.go index 157398cdbbe..d003244c276 100644 --- a/service/apigatewaymanagementapi/api_client.go +++ b/service/apigatewaymanagementapi/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/apigatewaymanagementapi/auth.go b/service/apigatewaymanagementapi/auth.go index 490143aae47..51cf731ac1b 100644 --- a/service/apigatewaymanagementapi/auth.go +++ b/service/apigatewaymanagementapi/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/apigatewaymanagementapi/endpoints.go b/service/apigatewaymanagementapi/endpoints.go index fc47ef0fcd4..7a91885a5d2 100644 --- a/service/apigatewaymanagementapi/endpoints.go +++ b/service/apigatewaymanagementapi/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/apigatewaymanagementapi/options.go b/service/apigatewaymanagementapi/options.go index da866441feb..f4d53167a7b 100644 --- a/service/apigatewaymanagementapi/options.go +++ b/service/apigatewaymanagementapi/options.go @@ -5,7 +5,6 @@ package apigatewaymanagementapi import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/apigatewayv2/api_client.go b/service/apigatewayv2/api_client.go index 45e23f10216..2e5b34201a9 100644 --- a/service/apigatewayv2/api_client.go +++ b/service/apigatewayv2/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/apigatewayv2/auth.go b/service/apigatewayv2/auth.go index 0a11e072958..366e1d62487 100644 --- a/service/apigatewayv2/auth.go +++ b/service/apigatewayv2/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/apigatewayv2/endpoints.go b/service/apigatewayv2/endpoints.go index 97d5f1b9e83..634042b6fe0 100644 --- a/service/apigatewayv2/endpoints.go +++ b/service/apigatewayv2/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/apigatewayv2/options.go b/service/apigatewayv2/options.go index 74cd1165e77..2d335fa1572 100644 --- a/service/apigatewayv2/options.go +++ b/service/apigatewayv2/options.go @@ -5,7 +5,6 @@ package apigatewayv2 import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/appconfig/api_client.go b/service/appconfig/api_client.go index d7368f59b6a..fb123744c1c 100644 --- a/service/appconfig/api_client.go +++ b/service/appconfig/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/appconfig/auth.go b/service/appconfig/auth.go index fae21493116..399b2a3e472 100644 --- a/service/appconfig/auth.go +++ b/service/appconfig/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/appconfig/endpoints.go b/service/appconfig/endpoints.go index 92d955eecef..bf4df93224d 100644 --- a/service/appconfig/endpoints.go +++ b/service/appconfig/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -466,7 +465,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -495,9 +494,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -508,7 +504,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/appconfig/options.go b/service/appconfig/options.go index a9304532fe4..a9c45e0c8bb 100644 --- a/service/appconfig/options.go +++ b/service/appconfig/options.go @@ -5,7 +5,6 @@ package appconfig import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/appconfigdata/api_client.go b/service/appconfigdata/api_client.go index 848af7c4911..ada9497da13 100644 --- a/service/appconfigdata/api_client.go +++ b/service/appconfigdata/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/appconfigdata/auth.go b/service/appconfigdata/auth.go index 55738ab3059..c611bb300a3 100644 --- a/service/appconfigdata/auth.go +++ b/service/appconfigdata/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/appconfigdata/endpoints.go b/service/appconfigdata/endpoints.go index e9987357011..fe078a297a5 100644 --- a/service/appconfigdata/endpoints.go +++ b/service/appconfigdata/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/appconfigdata/options.go b/service/appconfigdata/options.go index e33171e7900..fb71991d3ed 100644 --- a/service/appconfigdata/options.go +++ b/service/appconfigdata/options.go @@ -5,7 +5,6 @@ package appconfigdata import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/appfabric/api_client.go b/service/appfabric/api_client.go index 25ce77ff857..84f4704dc85 100644 --- a/service/appfabric/api_client.go +++ b/service/appfabric/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/appfabric/auth.go b/service/appfabric/auth.go index 9b672ce044a..892b57015b3 100644 --- a/service/appfabric/auth.go +++ b/service/appfabric/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/appfabric/endpoints.go b/service/appfabric/endpoints.go index b25207c7531..2750868e999 100644 --- a/service/appfabric/endpoints.go +++ b/service/appfabric/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/appfabric/options.go b/service/appfabric/options.go index baa5727ac7b..c157deda065 100644 --- a/service/appfabric/options.go +++ b/service/appfabric/options.go @@ -5,7 +5,6 @@ package appfabric import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/appflow/api_client.go b/service/appflow/api_client.go index 9d6903ce148..d6a35f4133a 100644 --- a/service/appflow/api_client.go +++ b/service/appflow/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/appflow/auth.go b/service/appflow/auth.go index d7d2408179f..e8bdec2c46d 100644 --- a/service/appflow/auth.go +++ b/service/appflow/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/appflow/endpoints.go b/service/appflow/endpoints.go index fac4fb81ed0..4b1aca0ed61 100644 --- a/service/appflow/endpoints.go +++ b/service/appflow/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/appflow/options.go b/service/appflow/options.go index 02fa79fc2cc..9949552f60c 100644 --- a/service/appflow/options.go +++ b/service/appflow/options.go @@ -5,7 +5,6 @@ package appflow import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/appintegrations/api_client.go b/service/appintegrations/api_client.go index f8b2cc6c5f5..e67c782ca9f 100644 --- a/service/appintegrations/api_client.go +++ b/service/appintegrations/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/appintegrations/auth.go b/service/appintegrations/auth.go index 4f52dff846b..bbcc9d43195 100644 --- a/service/appintegrations/auth.go +++ b/service/appintegrations/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/appintegrations/endpoints.go b/service/appintegrations/endpoints.go index 97a002d39bc..fe26519945b 100644 --- a/service/appintegrations/endpoints.go +++ b/service/appintegrations/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/appintegrations/options.go b/service/appintegrations/options.go index 8d1eff4de2e..1987a53d2ee 100644 --- a/service/appintegrations/options.go +++ b/service/appintegrations/options.go @@ -5,7 +5,6 @@ package appintegrations import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/applicationautoscaling/api_client.go b/service/applicationautoscaling/api_client.go index 7d6acdbfc5e..c2b1fdfb2cc 100644 --- a/service/applicationautoscaling/api_client.go +++ b/service/applicationautoscaling/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/applicationautoscaling/auth.go b/service/applicationautoscaling/auth.go index 998b5852679..0d831c03ced 100644 --- a/service/applicationautoscaling/auth.go +++ b/service/applicationautoscaling/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/applicationautoscaling/endpoints.go b/service/applicationautoscaling/endpoints.go index b9a932caf98..0feb569e49c 100644 --- a/service/applicationautoscaling/endpoints.go +++ b/service/applicationautoscaling/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -459,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,9 +487,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -501,7 +497,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/applicationautoscaling/options.go b/service/applicationautoscaling/options.go index d5c2a924426..f60a2d67a83 100644 --- a/service/applicationautoscaling/options.go +++ b/service/applicationautoscaling/options.go @@ -5,7 +5,6 @@ package applicationautoscaling import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/applicationcostprofiler/api_client.go b/service/applicationcostprofiler/api_client.go index 107625557c0..1edbca985c9 100644 --- a/service/applicationcostprofiler/api_client.go +++ b/service/applicationcostprofiler/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/applicationcostprofiler/auth.go b/service/applicationcostprofiler/auth.go index 612c201fa7f..3b5bd5100d3 100644 --- a/service/applicationcostprofiler/auth.go +++ b/service/applicationcostprofiler/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/applicationcostprofiler/endpoints.go b/service/applicationcostprofiler/endpoints.go index 9bd7a90aacd..4855f85d287 100644 --- a/service/applicationcostprofiler/endpoints.go +++ b/service/applicationcostprofiler/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/applicationcostprofiler/options.go b/service/applicationcostprofiler/options.go index fe1efa30f72..1a5293d2d67 100644 --- a/service/applicationcostprofiler/options.go +++ b/service/applicationcostprofiler/options.go @@ -5,7 +5,6 @@ package applicationcostprofiler import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/applicationdiscoveryservice/api_client.go b/service/applicationdiscoveryservice/api_client.go index ff0d1253b66..6f55246bdfa 100644 --- a/service/applicationdiscoveryservice/api_client.go +++ b/service/applicationdiscoveryservice/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/applicationdiscoveryservice/auth.go b/service/applicationdiscoveryservice/auth.go index 1a808ada220..4510690c411 100644 --- a/service/applicationdiscoveryservice/auth.go +++ b/service/applicationdiscoveryservice/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/applicationdiscoveryservice/endpoints.go b/service/applicationdiscoveryservice/endpoints.go index 17a456fc86e..ac4cf62de3c 100644 --- a/service/applicationdiscoveryservice/endpoints.go +++ b/service/applicationdiscoveryservice/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/applicationdiscoveryservice/options.go b/service/applicationdiscoveryservice/options.go index 9b05130fcf9..33bc3e728aa 100644 --- a/service/applicationdiscoveryservice/options.go +++ b/service/applicationdiscoveryservice/options.go @@ -5,7 +5,6 @@ package applicationdiscoveryservice import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/applicationinsights/api_client.go b/service/applicationinsights/api_client.go index f4ba1f9229a..39b2102bd1e 100644 --- a/service/applicationinsights/api_client.go +++ b/service/applicationinsights/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/applicationinsights/auth.go b/service/applicationinsights/auth.go index 1d78ba3c2d3..a440b044c34 100644 --- a/service/applicationinsights/auth.go +++ b/service/applicationinsights/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/applicationinsights/endpoints.go b/service/applicationinsights/endpoints.go index bea03bc49c8..a06cec1dff3 100644 --- a/service/applicationinsights/endpoints.go +++ b/service/applicationinsights/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/applicationinsights/options.go b/service/applicationinsights/options.go index e6e11569d25..0104b50bbfd 100644 --- a/service/applicationinsights/options.go +++ b/service/applicationinsights/options.go @@ -5,7 +5,6 @@ package applicationinsights import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/appmesh/api_client.go b/service/appmesh/api_client.go index 60794c27b25..252002f46c9 100644 --- a/service/appmesh/api_client.go +++ b/service/appmesh/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/appmesh/auth.go b/service/appmesh/auth.go index e51445fcf17..2a4c86d891a 100644 --- a/service/appmesh/auth.go +++ b/service/appmesh/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/appmesh/endpoints.go b/service/appmesh/endpoints.go index 7fcbe0e0873..8ce49216bd5 100644 --- a/service/appmesh/endpoints.go +++ b/service/appmesh/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/appmesh/options.go b/service/appmesh/options.go index 3682199b8dd..1cab890736d 100644 --- a/service/appmesh/options.go +++ b/service/appmesh/options.go @@ -5,7 +5,6 @@ package appmesh import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/apprunner/api_client.go b/service/apprunner/api_client.go index 6fc2fa6c038..840180e120f 100644 --- a/service/apprunner/api_client.go +++ b/service/apprunner/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/apprunner/auth.go b/service/apprunner/auth.go index 71b8ffab5b2..331ea57342a 100644 --- a/service/apprunner/auth.go +++ b/service/apprunner/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/apprunner/endpoints.go b/service/apprunner/endpoints.go index 6a3a4345c74..8480e1c52f6 100644 --- a/service/apprunner/endpoints.go +++ b/service/apprunner/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/apprunner/options.go b/service/apprunner/options.go index 71be70c977f..dbab338d6df 100644 --- a/service/apprunner/options.go +++ b/service/apprunner/options.go @@ -5,7 +5,6 @@ package apprunner import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/appstream/api_client.go b/service/appstream/api_client.go index 33ff87e55a7..b9a12d78d94 100644 --- a/service/appstream/api_client.go +++ b/service/appstream/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/appstream/auth.go b/service/appstream/auth.go index ec31aec27a7..b420016665e 100644 --- a/service/appstream/auth.go +++ b/service/appstream/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/appstream/endpoints.go b/service/appstream/endpoints.go index e7cfadd1bb7..4f1a2fe1c1e 100644 --- a/service/appstream/endpoints.go +++ b/service/appstream/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -478,7 +477,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -507,9 +506,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -520,7 +516,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/appstream/options.go b/service/appstream/options.go index 79d5a76b5ac..7e745094409 100644 --- a/service/appstream/options.go +++ b/service/appstream/options.go @@ -5,7 +5,6 @@ package appstream import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/appsync/api_client.go b/service/appsync/api_client.go index f45a307e576..3ce524e6908 100644 --- a/service/appsync/api_client.go +++ b/service/appsync/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/appsync/auth.go b/service/appsync/auth.go index d9dafade6f0..c5dd4955ae2 100644 --- a/service/appsync/auth.go +++ b/service/appsync/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/appsync/endpoints.go b/service/appsync/endpoints.go index 2a5966e62e0..5925615e678 100644 --- a/service/appsync/endpoints.go +++ b/service/appsync/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/appsync/options.go b/service/appsync/options.go index f81913586d9..8f4505d8489 100644 --- a/service/appsync/options.go +++ b/service/appsync/options.go @@ -5,7 +5,6 @@ package appsync import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/arczonalshift/api_client.go b/service/arczonalshift/api_client.go index 4ad3b4be161..60330e886b0 100644 --- a/service/arczonalshift/api_client.go +++ b/service/arczonalshift/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/arczonalshift/auth.go b/service/arczonalshift/auth.go index 0eb108790f2..8c947a047ec 100644 --- a/service/arczonalshift/auth.go +++ b/service/arczonalshift/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/arczonalshift/endpoints.go b/service/arczonalshift/endpoints.go index e3e4b420c65..5523a2834fc 100644 --- a/service/arczonalshift/endpoints.go +++ b/service/arczonalshift/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/arczonalshift/options.go b/service/arczonalshift/options.go index c331ffb1f48..2f88c457456 100644 --- a/service/arczonalshift/options.go +++ b/service/arczonalshift/options.go @@ -5,7 +5,6 @@ package arczonalshift import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/athena/api_client.go b/service/athena/api_client.go index 1d787d7983b..8e264e29fa1 100644 --- a/service/athena/api_client.go +++ b/service/athena/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/athena/auth.go b/service/athena/auth.go index e111acee884..a819f1195df 100644 --- a/service/athena/auth.go +++ b/service/athena/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/athena/endpoints.go b/service/athena/endpoints.go index e5288e180da..84f10fa8261 100644 --- a/service/athena/endpoints.go +++ b/service/athena/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/athena/options.go b/service/athena/options.go index 7fda1000f12..f3f1f5fa505 100644 --- a/service/athena/options.go +++ b/service/athena/options.go @@ -5,7 +5,6 @@ package athena import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/auditmanager/api_client.go b/service/auditmanager/api_client.go index b8466d0c6df..ee103eaf266 100644 --- a/service/auditmanager/api_client.go +++ b/service/auditmanager/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/auditmanager/auth.go b/service/auditmanager/auth.go index 761cd3aded3..7782307f945 100644 --- a/service/auditmanager/auth.go +++ b/service/auditmanager/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/auditmanager/endpoints.go b/service/auditmanager/endpoints.go index c674a0a287f..337023a7638 100644 --- a/service/auditmanager/endpoints.go +++ b/service/auditmanager/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/auditmanager/options.go b/service/auditmanager/options.go index 2f8bee77830..2844f7ba499 100644 --- a/service/auditmanager/options.go +++ b/service/auditmanager/options.go @@ -5,7 +5,6 @@ package auditmanager import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/autoscaling/api_client.go b/service/autoscaling/api_client.go index 000c2a05c1c..ebffefb3f0f 100644 --- a/service/autoscaling/api_client.go +++ b/service/autoscaling/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/autoscaling/auth.go b/service/autoscaling/auth.go index 5d1e7515a93..4c2a3897ec4 100644 --- a/service/autoscaling/auth.go +++ b/service/autoscaling/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/autoscaling/endpoints.go b/service/autoscaling/endpoints.go index 81d797221ff..7e3e5287c7c 100644 --- a/service/autoscaling/endpoints.go +++ b/service/autoscaling/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -459,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,9 +487,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -501,7 +497,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/autoscaling/options.go b/service/autoscaling/options.go index 06f515755ee..9a183095a31 100644 --- a/service/autoscaling/options.go +++ b/service/autoscaling/options.go @@ -5,7 +5,6 @@ package autoscaling import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/autoscalingplans/api_client.go b/service/autoscalingplans/api_client.go index 8c284930dfd..7512fcf7fda 100644 --- a/service/autoscalingplans/api_client.go +++ b/service/autoscalingplans/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/autoscalingplans/auth.go b/service/autoscalingplans/auth.go index 68e91951e3e..47bc2e5478d 100644 --- a/service/autoscalingplans/auth.go +++ b/service/autoscalingplans/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/autoscalingplans/endpoints.go b/service/autoscalingplans/endpoints.go index 90100bd1f83..b72ee91e7e6 100644 --- a/service/autoscalingplans/endpoints.go +++ b/service/autoscalingplans/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/autoscalingplans/options.go b/service/autoscalingplans/options.go index fd816984ef3..05f31b55b77 100644 --- a/service/autoscalingplans/options.go +++ b/service/autoscalingplans/options.go @@ -5,7 +5,6 @@ package autoscalingplans import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/b2bi/api_client.go b/service/b2bi/api_client.go index 8e0ea49348d..c7d6ad9a48b 100644 --- a/service/b2bi/api_client.go +++ b/service/b2bi/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/b2bi/auth.go b/service/b2bi/auth.go index 15700b05980..621982d01b2 100644 --- a/service/b2bi/auth.go +++ b/service/b2bi/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/b2bi/endpoints.go b/service/b2bi/endpoints.go index 10be06c981a..416a441eada 100644 --- a/service/b2bi/endpoints.go +++ b/service/b2bi/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/b2bi/options.go b/service/b2bi/options.go index a90f6a3c8b3..83b7f186c3a 100644 --- a/service/b2bi/options.go +++ b/service/b2bi/options.go @@ -5,7 +5,6 @@ package b2bi import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/backup/api_client.go b/service/backup/api_client.go index 2efb04bbfbe..1b8de15e813 100644 --- a/service/backup/api_client.go +++ b/service/backup/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/backup/auth.go b/service/backup/auth.go index 97d00f4ead2..a80946ab435 100644 --- a/service/backup/auth.go +++ b/service/backup/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/backup/endpoints.go b/service/backup/endpoints.go index ef6db050b32..a56cb68ac5a 100644 --- a/service/backup/endpoints.go +++ b/service/backup/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/backup/options.go b/service/backup/options.go index 33a88de0c55..b6d89e22e7b 100644 --- a/service/backup/options.go +++ b/service/backup/options.go @@ -5,7 +5,6 @@ package backup import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/backupgateway/api_client.go b/service/backupgateway/api_client.go index c848b323666..9a72e44e110 100644 --- a/service/backupgateway/api_client.go +++ b/service/backupgateway/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/backupgateway/auth.go b/service/backupgateway/auth.go index 1bc1d95af5a..d91472bc572 100644 --- a/service/backupgateway/auth.go +++ b/service/backupgateway/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/backupgateway/endpoints.go b/service/backupgateway/endpoints.go index 6bae18e92d2..d11d7b56a4b 100644 --- a/service/backupgateway/endpoints.go +++ b/service/backupgateway/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/backupgateway/options.go b/service/backupgateway/options.go index 9fb7a497494..ebb2d074e92 100644 --- a/service/backupgateway/options.go +++ b/service/backupgateway/options.go @@ -5,7 +5,6 @@ package backupgateway import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/backupstorage/api_client.go b/service/backupstorage/api_client.go index a2f59dcbc2e..a18a99db7f1 100644 --- a/service/backupstorage/api_client.go +++ b/service/backupstorage/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/backupstorage/auth.go b/service/backupstorage/auth.go index 8b638d2a138..9dacc499bfe 100644 --- a/service/backupstorage/auth.go +++ b/service/backupstorage/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -190,7 +190,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/backupstorage/endpoints.go b/service/backupstorage/endpoints.go index a82007afa5a..a90d933a49a 100644 --- a/service/backupstorage/endpoints.go +++ b/service/backupstorage/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/backupstorage/options.go b/service/backupstorage/options.go index 5fbfb47014d..83701b74b14 100644 --- a/service/backupstorage/options.go +++ b/service/backupstorage/options.go @@ -5,7 +5,6 @@ package backupstorage import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/batch/api_client.go b/service/batch/api_client.go index 88823343bc8..fbb0f62684b 100644 --- a/service/batch/api_client.go +++ b/service/batch/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/batch/auth.go b/service/batch/auth.go index ab984df7e9a..f17ae176ebd 100644 --- a/service/batch/auth.go +++ b/service/batch/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/batch/endpoints.go b/service/batch/endpoints.go index e777bcd2b13..b953f54b653 100644 --- a/service/batch/endpoints.go +++ b/service/batch/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -478,7 +477,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -507,9 +506,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -520,7 +516,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/batch/options.go b/service/batch/options.go index 68e39cf80b7..c9038923519 100644 --- a/service/batch/options.go +++ b/service/batch/options.go @@ -5,7 +5,6 @@ package batch import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/bcmdataexports/api_client.go b/service/bcmdataexports/api_client.go index 88053688d55..40d95ba6f2d 100644 --- a/service/bcmdataexports/api_client.go +++ b/service/bcmdataexports/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/bcmdataexports/auth.go b/service/bcmdataexports/auth.go index 6a3069c7bd8..9fbb062c8e7 100644 --- a/service/bcmdataexports/auth.go +++ b/service/bcmdataexports/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/bcmdataexports/endpoints.go b/service/bcmdataexports/endpoints.go index c66eb8186fd..8a2abd0dc44 100644 --- a/service/bcmdataexports/endpoints.go +++ b/service/bcmdataexports/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -465,7 +464,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -493,9 +492,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -506,7 +502,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/bcmdataexports/options.go b/service/bcmdataexports/options.go index c17563945ef..396bd2bb7b2 100644 --- a/service/bcmdataexports/options.go +++ b/service/bcmdataexports/options.go @@ -5,7 +5,6 @@ package bcmdataexports import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/bedrock/api_client.go b/service/bedrock/api_client.go index 10464dfaaee..bec76d136d7 100644 --- a/service/bedrock/api_client.go +++ b/service/bedrock/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/bedrock/auth.go b/service/bedrock/auth.go index 4dff47684cf..5fb4c6956b5 100644 --- a/service/bedrock/auth.go +++ b/service/bedrock/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/bedrock/endpoints.go b/service/bedrock/endpoints.go index f8523fddac3..3434ef052f2 100644 --- a/service/bedrock/endpoints.go +++ b/service/bedrock/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/bedrock/options.go b/service/bedrock/options.go index 4ee3f9245f4..0faea81e708 100644 --- a/service/bedrock/options.go +++ b/service/bedrock/options.go @@ -5,7 +5,6 @@ package bedrock import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/bedrockagent/api_client.go b/service/bedrockagent/api_client.go index 7975af8f063..8b8902be1a5 100644 --- a/service/bedrockagent/api_client.go +++ b/service/bedrockagent/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/bedrockagent/auth.go b/service/bedrockagent/auth.go index d289662fc97..0a53cadc7b4 100644 --- a/service/bedrockagent/auth.go +++ b/service/bedrockagent/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/bedrockagent/endpoints.go b/service/bedrockagent/endpoints.go index 25c33ccfe79..068db137928 100644 --- a/service/bedrockagent/endpoints.go +++ b/service/bedrockagent/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/bedrockagent/options.go b/service/bedrockagent/options.go index ef12e4da153..763f8c1e7d7 100644 --- a/service/bedrockagent/options.go +++ b/service/bedrockagent/options.go @@ -5,7 +5,6 @@ package bedrockagent import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/bedrockagentruntime/api_client.go b/service/bedrockagentruntime/api_client.go index 2282fb95586..abb0323fcf0 100644 --- a/service/bedrockagentruntime/api_client.go +++ b/service/bedrockagentruntime/api_client.go @@ -232,16 +232,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/bedrockagentruntime/auth.go b/service/bedrockagentruntime/auth.go index a303b7f8664..f7aa5347ff0 100644 --- a/service/bedrockagentruntime/auth.go +++ b/service/bedrockagentruntime/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/bedrockagentruntime/endpoints.go b/service/bedrockagentruntime/endpoints.go index a58326d3147..b14a1aef363 100644 --- a/service/bedrockagentruntime/endpoints.go +++ b/service/bedrockagentruntime/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/bedrockagentruntime/options.go b/service/bedrockagentruntime/options.go index a666be5817a..bb0d5954e9c 100644 --- a/service/bedrockagentruntime/options.go +++ b/service/bedrockagentruntime/options.go @@ -5,7 +5,6 @@ package bedrockagentruntime import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/bedrockruntime/api_client.go b/service/bedrockruntime/api_client.go index 5f43661305f..47a24f54641 100644 --- a/service/bedrockruntime/api_client.go +++ b/service/bedrockruntime/api_client.go @@ -232,16 +232,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/bedrockruntime/auth.go b/service/bedrockruntime/auth.go index 13ae3388056..e6b3c0bf253 100644 --- a/service/bedrockruntime/auth.go +++ b/service/bedrockruntime/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/bedrockruntime/endpoints.go b/service/bedrockruntime/endpoints.go index bf499ac507d..91afc6d87a2 100644 --- a/service/bedrockruntime/endpoints.go +++ b/service/bedrockruntime/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/bedrockruntime/options.go b/service/bedrockruntime/options.go index f23820bf71d..78b258a178b 100644 --- a/service/bedrockruntime/options.go +++ b/service/bedrockruntime/options.go @@ -5,7 +5,6 @@ package bedrockruntime import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/billingconductor/api_client.go b/service/billingconductor/api_client.go index 3c8d88202f1..dbd40fcc41f 100644 --- a/service/billingconductor/api_client.go +++ b/service/billingconductor/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/billingconductor/auth.go b/service/billingconductor/auth.go index 779e90292c1..1130662d1f3 100644 --- a/service/billingconductor/auth.go +++ b/service/billingconductor/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/billingconductor/endpoints.go b/service/billingconductor/endpoints.go index 997d2a65006..f1f840aca11 100644 --- a/service/billingconductor/endpoints.go +++ b/service/billingconductor/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -475,7 +474,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -504,9 +503,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -517,7 +513,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/billingconductor/options.go b/service/billingconductor/options.go index ae92a4d9e75..7e5c4bf6393 100644 --- a/service/billingconductor/options.go +++ b/service/billingconductor/options.go @@ -5,7 +5,6 @@ package billingconductor import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/braket/api_client.go b/service/braket/api_client.go index ffc5b4ad4e4..da1a292e9a5 100644 --- a/service/braket/api_client.go +++ b/service/braket/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/braket/auth.go b/service/braket/auth.go index 23c3607f3c2..4ae3d36980f 100644 --- a/service/braket/auth.go +++ b/service/braket/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/braket/endpoints.go b/service/braket/endpoints.go index 438dfdbe1bf..16e5eb1b8cf 100644 --- a/service/braket/endpoints.go +++ b/service/braket/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/braket/options.go b/service/braket/options.go index 2c524cc2e36..6f2478af3c7 100644 --- a/service/braket/options.go +++ b/service/braket/options.go @@ -5,7 +5,6 @@ package braket import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/budgets/api_client.go b/service/budgets/api_client.go index eb690adb482..8843511cb78 100644 --- a/service/budgets/api_client.go +++ b/service/budgets/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/budgets/auth.go b/service/budgets/auth.go index 7d3683f4322..9b66a814445 100644 --- a/service/budgets/auth.go +++ b/service/budgets/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/budgets/endpoints.go b/service/budgets/endpoints.go index 63ad0b5086c..ad90204c52c 100644 --- a/service/budgets/endpoints.go +++ b/service/budgets/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -509,7 +508,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -538,9 +537,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -551,7 +547,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/budgets/options.go b/service/budgets/options.go index 24ab3cc689a..d34e144ab4a 100644 --- a/service/budgets/options.go +++ b/service/budgets/options.go @@ -5,7 +5,6 @@ package budgets import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/chime/api_client.go b/service/chime/api_client.go index 06b194fa0ab..8990bfd76d9 100644 --- a/service/chime/api_client.go +++ b/service/chime/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/chime/auth.go b/service/chime/auth.go index 4ebf00fef53..6adcb392e6b 100644 --- a/service/chime/auth.go +++ b/service/chime/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/chime/endpoints.go b/service/chime/endpoints.go index 82d15af0943..9e83ed2dba6 100644 --- a/service/chime/endpoints.go +++ b/service/chime/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -475,7 +474,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -504,9 +503,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -517,7 +513,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/chime/options.go b/service/chime/options.go index a0183db03ae..daea71c83fe 100644 --- a/service/chime/options.go +++ b/service/chime/options.go @@ -5,7 +5,6 @@ package chime import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/chimesdkidentity/api_client.go b/service/chimesdkidentity/api_client.go index bcab7f5f0a2..f5f2f973e19 100644 --- a/service/chimesdkidentity/api_client.go +++ b/service/chimesdkidentity/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/chimesdkidentity/auth.go b/service/chimesdkidentity/auth.go index 70ff32a6451..34fbc2694c4 100644 --- a/service/chimesdkidentity/auth.go +++ b/service/chimesdkidentity/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/chimesdkidentity/endpoints.go b/service/chimesdkidentity/endpoints.go index a36b707d864..9c94dada7a8 100644 --- a/service/chimesdkidentity/endpoints.go +++ b/service/chimesdkidentity/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/chimesdkidentity/options.go b/service/chimesdkidentity/options.go index e96eac8f7cc..ab06461c37d 100644 --- a/service/chimesdkidentity/options.go +++ b/service/chimesdkidentity/options.go @@ -5,7 +5,6 @@ package chimesdkidentity import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/chimesdkmediapipelines/api_client.go b/service/chimesdkmediapipelines/api_client.go index 9aa44fe5929..e093b76e616 100644 --- a/service/chimesdkmediapipelines/api_client.go +++ b/service/chimesdkmediapipelines/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/chimesdkmediapipelines/auth.go b/service/chimesdkmediapipelines/auth.go index 384f0f52eaf..c75bebffd91 100644 --- a/service/chimesdkmediapipelines/auth.go +++ b/service/chimesdkmediapipelines/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/chimesdkmediapipelines/endpoints.go b/service/chimesdkmediapipelines/endpoints.go index 2f71cb86eef..58ff887d5a4 100644 --- a/service/chimesdkmediapipelines/endpoints.go +++ b/service/chimesdkmediapipelines/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/chimesdkmediapipelines/options.go b/service/chimesdkmediapipelines/options.go index 4d985b965f7..aa4bc74301a 100644 --- a/service/chimesdkmediapipelines/options.go +++ b/service/chimesdkmediapipelines/options.go @@ -5,7 +5,6 @@ package chimesdkmediapipelines import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/chimesdkmeetings/api_client.go b/service/chimesdkmeetings/api_client.go index 499253c1768..b7c9704e75d 100644 --- a/service/chimesdkmeetings/api_client.go +++ b/service/chimesdkmeetings/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/chimesdkmeetings/auth.go b/service/chimesdkmeetings/auth.go index 108edb31baa..08f48a4239c 100644 --- a/service/chimesdkmeetings/auth.go +++ b/service/chimesdkmeetings/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/chimesdkmeetings/endpoints.go b/service/chimesdkmeetings/endpoints.go index cfb74140021..9e9227ea1f8 100644 --- a/service/chimesdkmeetings/endpoints.go +++ b/service/chimesdkmeetings/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/chimesdkmeetings/options.go b/service/chimesdkmeetings/options.go index 1c1d6df4a35..4818b1c243b 100644 --- a/service/chimesdkmeetings/options.go +++ b/service/chimesdkmeetings/options.go @@ -5,7 +5,6 @@ package chimesdkmeetings import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/chimesdkmessaging/api_client.go b/service/chimesdkmessaging/api_client.go index fe4233feaaf..a8dd1bdb2a1 100644 --- a/service/chimesdkmessaging/api_client.go +++ b/service/chimesdkmessaging/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/chimesdkmessaging/auth.go b/service/chimesdkmessaging/auth.go index a4985c45375..715791d49c9 100644 --- a/service/chimesdkmessaging/auth.go +++ b/service/chimesdkmessaging/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/chimesdkmessaging/endpoints.go b/service/chimesdkmessaging/endpoints.go index 5527f19008a..57c80aec727 100644 --- a/service/chimesdkmessaging/endpoints.go +++ b/service/chimesdkmessaging/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/chimesdkmessaging/options.go b/service/chimesdkmessaging/options.go index d66aa2b4686..b397f55846c 100644 --- a/service/chimesdkmessaging/options.go +++ b/service/chimesdkmessaging/options.go @@ -5,7 +5,6 @@ package chimesdkmessaging import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/chimesdkvoice/api_client.go b/service/chimesdkvoice/api_client.go index e4191352747..3ca4d86c9c0 100644 --- a/service/chimesdkvoice/api_client.go +++ b/service/chimesdkvoice/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/chimesdkvoice/auth.go b/service/chimesdkvoice/auth.go index 26e248d5f40..e5ec8b7d74d 100644 --- a/service/chimesdkvoice/auth.go +++ b/service/chimesdkvoice/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/chimesdkvoice/endpoints.go b/service/chimesdkvoice/endpoints.go index f28d1cb76a4..3c97bb335a0 100644 --- a/service/chimesdkvoice/endpoints.go +++ b/service/chimesdkvoice/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/chimesdkvoice/options.go b/service/chimesdkvoice/options.go index 9075ad98442..b74af6f12eb 100644 --- a/service/chimesdkvoice/options.go +++ b/service/chimesdkvoice/options.go @@ -5,7 +5,6 @@ package chimesdkvoice import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cleanrooms/api_client.go b/service/cleanrooms/api_client.go index 5614244125a..e4ea9e6ec13 100644 --- a/service/cleanrooms/api_client.go +++ b/service/cleanrooms/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/cleanrooms/auth.go b/service/cleanrooms/auth.go index 314e40c2d61..b1878f8b06c 100644 --- a/service/cleanrooms/auth.go +++ b/service/cleanrooms/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cleanrooms/endpoints.go b/service/cleanrooms/endpoints.go index 6d1a48374e2..512fa4ae93e 100644 --- a/service/cleanrooms/endpoints.go +++ b/service/cleanrooms/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cleanrooms/options.go b/service/cleanrooms/options.go index d15911b7528..722ec717498 100644 --- a/service/cleanrooms/options.go +++ b/service/cleanrooms/options.go @@ -5,7 +5,6 @@ package cleanrooms import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cleanroomsml/api_client.go b/service/cleanroomsml/api_client.go index f96c1304c8d..c8e761d3e30 100644 --- a/service/cleanroomsml/api_client.go +++ b/service/cleanroomsml/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/cleanroomsml/auth.go b/service/cleanroomsml/auth.go index 0bdea4aea65..8cf00fe2d2a 100644 --- a/service/cleanroomsml/auth.go +++ b/service/cleanroomsml/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cleanroomsml/endpoints.go b/service/cleanroomsml/endpoints.go index d693e53849d..e2bf7cadd4f 100644 --- a/service/cleanroomsml/endpoints.go +++ b/service/cleanroomsml/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cleanroomsml/options.go b/service/cleanroomsml/options.go index 909520f07ab..cc25fe03792 100644 --- a/service/cleanroomsml/options.go +++ b/service/cleanroomsml/options.go @@ -5,7 +5,6 @@ package cleanroomsml import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cloud9/api_client.go b/service/cloud9/api_client.go index 4b0ec18a08b..c728779f732 100644 --- a/service/cloud9/api_client.go +++ b/service/cloud9/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/cloud9/auth.go b/service/cloud9/auth.go index 4621744e08b..45b8810ca71 100644 --- a/service/cloud9/auth.go +++ b/service/cloud9/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cloud9/endpoints.go b/service/cloud9/endpoints.go index a7c769d7681..4e5dae268b1 100644 --- a/service/cloud9/endpoints.go +++ b/service/cloud9/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cloud9/options.go b/service/cloud9/options.go index 6fb26290048..b7b714646a8 100644 --- a/service/cloud9/options.go +++ b/service/cloud9/options.go @@ -5,7 +5,6 @@ package cloud9 import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cloudcontrol/api_client.go b/service/cloudcontrol/api_client.go index 85191caaa65..1c5cdd74055 100644 --- a/service/cloudcontrol/api_client.go +++ b/service/cloudcontrol/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/cloudcontrol/auth.go b/service/cloudcontrol/auth.go index 66f6e275cd0..6c01a7870ca 100644 --- a/service/cloudcontrol/auth.go +++ b/service/cloudcontrol/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cloudcontrol/endpoints.go b/service/cloudcontrol/endpoints.go index 91060535488..ac92be955d0 100644 --- a/service/cloudcontrol/endpoints.go +++ b/service/cloudcontrol/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cloudcontrol/options.go b/service/cloudcontrol/options.go index fd1a65b5028..10c7257720e 100644 --- a/service/cloudcontrol/options.go +++ b/service/cloudcontrol/options.go @@ -5,7 +5,6 @@ package cloudcontrol import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/clouddirectory/api_client.go b/service/clouddirectory/api_client.go index bdb28b4f428..823c7231ee0 100644 --- a/service/clouddirectory/api_client.go +++ b/service/clouddirectory/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/clouddirectory/auth.go b/service/clouddirectory/auth.go index 24abb06e1d0..7ef219219b7 100644 --- a/service/clouddirectory/auth.go +++ b/service/clouddirectory/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/clouddirectory/endpoints.go b/service/clouddirectory/endpoints.go index b8e40f13b48..193bed2d48c 100644 --- a/service/clouddirectory/endpoints.go +++ b/service/clouddirectory/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -459,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,9 +487,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -501,7 +497,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/clouddirectory/options.go b/service/clouddirectory/options.go index bedfef195ac..6d320e151e0 100644 --- a/service/clouddirectory/options.go +++ b/service/clouddirectory/options.go @@ -5,7 +5,6 @@ package clouddirectory import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cloudformation/api_client.go b/service/cloudformation/api_client.go index 6b353e94ff7..4bbfff117a0 100644 --- a/service/cloudformation/api_client.go +++ b/service/cloudformation/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/cloudformation/auth.go b/service/cloudformation/auth.go index 4f9bcf0aaa1..b3ffff854fc 100644 --- a/service/cloudformation/auth.go +++ b/service/cloudformation/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cloudformation/endpoints.go b/service/cloudformation/endpoints.go index 11aa1a29c4f..753fa15111f 100644 --- a/service/cloudformation/endpoints.go +++ b/service/cloudformation/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -459,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,9 +487,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -501,7 +497,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cloudformation/options.go b/service/cloudformation/options.go index da4d3edc7ba..5357466b7bd 100644 --- a/service/cloudformation/options.go +++ b/service/cloudformation/options.go @@ -5,7 +5,6 @@ package cloudformation import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cloudfront/api_client.go b/service/cloudfront/api_client.go index b65d6fb1ad6..b3ea9db5454 100644 --- a/service/cloudfront/api_client.go +++ b/service/cloudfront/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/cloudfront/auth.go b/service/cloudfront/auth.go index 162d4fc7ba9..424e6944949 100644 --- a/service/cloudfront/auth.go +++ b/service/cloudfront/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cloudfront/endpoints.go b/service/cloudfront/endpoints.go index c2654ae299d..05e2b2e7578 100644 --- a/service/cloudfront/endpoints.go +++ b/service/cloudfront/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -543,7 +542,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -572,9 +571,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -585,7 +581,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cloudfront/options.go b/service/cloudfront/options.go index 4f0117d1a8d..502c0ce28de 100644 --- a/service/cloudfront/options.go +++ b/service/cloudfront/options.go @@ -5,7 +5,6 @@ package cloudfront import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cloudfrontkeyvaluestore/api_client.go b/service/cloudfrontkeyvaluestore/api_client.go index 4b927e482f2..93ec74b0a81 100644 --- a/service/cloudfrontkeyvaluestore/api_client.go +++ b/service/cloudfrontkeyvaluestore/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/cloudfrontkeyvaluestore/auth.go b/service/cloudfrontkeyvaluestore/auth.go index 6ad1a883127..e43490e9fa4 100644 --- a/service/cloudfrontkeyvaluestore/auth.go +++ b/service/cloudfrontkeyvaluestore/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cloudfrontkeyvaluestore/endpoints.go b/service/cloudfrontkeyvaluestore/endpoints.go index 7f2461051ee..e670bf5c278 100644 --- a/service/cloudfrontkeyvaluestore/endpoints.go +++ b/service/cloudfrontkeyvaluestore/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -544,7 +543,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -572,9 +571,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -585,7 +581,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cloudfrontkeyvaluestore/options.go b/service/cloudfrontkeyvaluestore/options.go index 739dd5e1102..4ffd85d42dd 100644 --- a/service/cloudfrontkeyvaluestore/options.go +++ b/service/cloudfrontkeyvaluestore/options.go @@ -5,7 +5,6 @@ package cloudfrontkeyvaluestore import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cloudhsm/api_client.go b/service/cloudhsm/api_client.go index 110c550afe5..b05be156506 100644 --- a/service/cloudhsm/api_client.go +++ b/service/cloudhsm/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/cloudhsm/auth.go b/service/cloudhsm/auth.go index 6a0f6e37463..af7ba216d1f 100644 --- a/service/cloudhsm/auth.go +++ b/service/cloudhsm/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cloudhsm/endpoints.go b/service/cloudhsm/endpoints.go index 284f75392d4..8696185954e 100644 --- a/service/cloudhsm/endpoints.go +++ b/service/cloudhsm/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cloudhsm/options.go b/service/cloudhsm/options.go index 78edf87d499..9dc12483622 100644 --- a/service/cloudhsm/options.go +++ b/service/cloudhsm/options.go @@ -5,7 +5,6 @@ package cloudhsm import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cloudhsmv2/api_client.go b/service/cloudhsmv2/api_client.go index 5ea6be94f69..2bd421266f8 100644 --- a/service/cloudhsmv2/api_client.go +++ b/service/cloudhsmv2/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/cloudhsmv2/auth.go b/service/cloudhsmv2/auth.go index 3b13c7d02d0..50320c77406 100644 --- a/service/cloudhsmv2/auth.go +++ b/service/cloudhsmv2/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cloudhsmv2/endpoints.go b/service/cloudhsmv2/endpoints.go index c226e70819d..756d776a550 100644 --- a/service/cloudhsmv2/endpoints.go +++ b/service/cloudhsmv2/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -478,7 +477,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -507,9 +506,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -520,7 +516,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cloudhsmv2/options.go b/service/cloudhsmv2/options.go index 9a7c0df5e2a..44c25a26f27 100644 --- a/service/cloudhsmv2/options.go +++ b/service/cloudhsmv2/options.go @@ -5,7 +5,6 @@ package cloudhsmv2 import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cloudsearch/api_client.go b/service/cloudsearch/api_client.go index 4f7b769980e..dadfd2f86e4 100644 --- a/service/cloudsearch/api_client.go +++ b/service/cloudsearch/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/cloudsearch/auth.go b/service/cloudsearch/auth.go index 50ec7a77304..0e18b91c7c5 100644 --- a/service/cloudsearch/auth.go +++ b/service/cloudsearch/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cloudsearch/endpoints.go b/service/cloudsearch/endpoints.go index 4b915a41adf..5df55af2f48 100644 --- a/service/cloudsearch/endpoints.go +++ b/service/cloudsearch/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cloudsearch/options.go b/service/cloudsearch/options.go index 40e6ef71250..a5d00c96a33 100644 --- a/service/cloudsearch/options.go +++ b/service/cloudsearch/options.go @@ -5,7 +5,6 @@ package cloudsearch import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cloudsearchdomain/api_client.go b/service/cloudsearchdomain/api_client.go index a860711f385..7ce19eeff61 100644 --- a/service/cloudsearchdomain/api_client.go +++ b/service/cloudsearchdomain/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/cloudsearchdomain/auth.go b/service/cloudsearchdomain/auth.go index bfa2f96840f..cd60da2b0f8 100644 --- a/service/cloudsearchdomain/auth.go +++ b/service/cloudsearchdomain/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cloudsearchdomain/endpoints.go b/service/cloudsearchdomain/endpoints.go index e20863c1af6..909496715b3 100644 --- a/service/cloudsearchdomain/endpoints.go +++ b/service/cloudsearchdomain/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cloudsearchdomain/options.go b/service/cloudsearchdomain/options.go index 14ea2121dea..5858235da40 100644 --- a/service/cloudsearchdomain/options.go +++ b/service/cloudsearchdomain/options.go @@ -5,7 +5,6 @@ package cloudsearchdomain import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cloudtrail/api_client.go b/service/cloudtrail/api_client.go index 78a7f2e8d33..7ea04f926e4 100644 --- a/service/cloudtrail/api_client.go +++ b/service/cloudtrail/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/cloudtrail/auth.go b/service/cloudtrail/auth.go index 0c8b6df8496..866b0958eba 100644 --- a/service/cloudtrail/auth.go +++ b/service/cloudtrail/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cloudtrail/endpoints.go b/service/cloudtrail/endpoints.go index c9ae53202c0..eb9b4c08d50 100644 --- a/service/cloudtrail/endpoints.go +++ b/service/cloudtrail/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -466,7 +465,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -495,9 +494,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -508,7 +504,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cloudtrail/options.go b/service/cloudtrail/options.go index a5480964a7b..3f41deae494 100644 --- a/service/cloudtrail/options.go +++ b/service/cloudtrail/options.go @@ -5,7 +5,6 @@ package cloudtrail import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cloudtraildata/api_client.go b/service/cloudtraildata/api_client.go index e1390a86753..3f796feb2e0 100644 --- a/service/cloudtraildata/api_client.go +++ b/service/cloudtraildata/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/cloudtraildata/auth.go b/service/cloudtraildata/auth.go index 0af9bba26fb..ffae409d45c 100644 --- a/service/cloudtraildata/auth.go +++ b/service/cloudtraildata/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cloudtraildata/endpoints.go b/service/cloudtraildata/endpoints.go index 3b30bbd539c..1850b0532a1 100644 --- a/service/cloudtraildata/endpoints.go +++ b/service/cloudtraildata/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cloudtraildata/options.go b/service/cloudtraildata/options.go index 9fbc2dee4b9..e483254413e 100644 --- a/service/cloudtraildata/options.go +++ b/service/cloudtraildata/options.go @@ -5,7 +5,6 @@ package cloudtraildata import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cloudwatch/api_client.go b/service/cloudwatch/api_client.go index 8c211d4d272..4159dba3b36 100644 --- a/service/cloudwatch/api_client.go +++ b/service/cloudwatch/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/cloudwatch/auth.go b/service/cloudwatch/auth.go index 44c1b854bc4..d7dd29021ef 100644 --- a/service/cloudwatch/auth.go +++ b/service/cloudwatch/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cloudwatch/endpoints.go b/service/cloudwatch/endpoints.go index 007ad0380d6..a0496b79974 100644 --- a/service/cloudwatch/endpoints.go +++ b/service/cloudwatch/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -459,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,9 +487,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -501,7 +497,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cloudwatch/options.go b/service/cloudwatch/options.go index 76a417febff..69a23e5125d 100644 --- a/service/cloudwatch/options.go +++ b/service/cloudwatch/options.go @@ -5,7 +5,6 @@ package cloudwatch import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cloudwatchevents/api_client.go b/service/cloudwatchevents/api_client.go index 84eb8c537f5..ffebc2f7d21 100644 --- a/service/cloudwatchevents/api_client.go +++ b/service/cloudwatchevents/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/cloudwatchevents/auth.go b/service/cloudwatchevents/auth.go index 17049b84a12..54b6cf2b251 100644 --- a/service/cloudwatchevents/auth.go +++ b/service/cloudwatchevents/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cloudwatchevents/endpoints.go b/service/cloudwatchevents/endpoints.go index cf095e39e42..3bad8bd1879 100644 --- a/service/cloudwatchevents/endpoints.go +++ b/service/cloudwatchevents/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -466,7 +465,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -495,9 +494,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -508,7 +504,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cloudwatchevents/options.go b/service/cloudwatchevents/options.go index dfa82dab8b1..2552376ac33 100644 --- a/service/cloudwatchevents/options.go +++ b/service/cloudwatchevents/options.go @@ -5,7 +5,6 @@ package cloudwatchevents import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cloudwatchlogs/api_client.go b/service/cloudwatchlogs/api_client.go index 3461936e90f..62a3f467aae 100644 --- a/service/cloudwatchlogs/api_client.go +++ b/service/cloudwatchlogs/api_client.go @@ -236,16 +236,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/cloudwatchlogs/auth.go b/service/cloudwatchlogs/auth.go index 292db256c89..fff49614c8a 100644 --- a/service/cloudwatchlogs/auth.go +++ b/service/cloudwatchlogs/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cloudwatchlogs/endpoints.go b/service/cloudwatchlogs/endpoints.go index 8eeb1c18e30..2fa86090a7a 100644 --- a/service/cloudwatchlogs/endpoints.go +++ b/service/cloudwatchlogs/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -466,7 +465,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -495,9 +494,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -508,7 +504,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cloudwatchlogs/options.go b/service/cloudwatchlogs/options.go index d60b26a7149..33256f3d76f 100644 --- a/service/cloudwatchlogs/options.go +++ b/service/cloudwatchlogs/options.go @@ -5,7 +5,6 @@ package cloudwatchlogs import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/codeartifact/api_client.go b/service/codeartifact/api_client.go index 56c5f138cc5..e4c0f80c862 100644 --- a/service/codeartifact/api_client.go +++ b/service/codeartifact/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/codeartifact/auth.go b/service/codeartifact/auth.go index 2d832da2c2c..e3c5ce4848c 100644 --- a/service/codeartifact/auth.go +++ b/service/codeartifact/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/codeartifact/endpoints.go b/service/codeartifact/endpoints.go index 4774f5015ad..286fb5bed7f 100644 --- a/service/codeartifact/endpoints.go +++ b/service/codeartifact/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/codeartifact/options.go b/service/codeartifact/options.go index c622763ab91..5e5558ae758 100644 --- a/service/codeartifact/options.go +++ b/service/codeartifact/options.go @@ -5,7 +5,6 @@ package codeartifact import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/codebuild/api_client.go b/service/codebuild/api_client.go index aac53fa6fda..5d03878e2f6 100644 --- a/service/codebuild/api_client.go +++ b/service/codebuild/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/codebuild/auth.go b/service/codebuild/auth.go index 042e9166557..ee3a0c5363b 100644 --- a/service/codebuild/auth.go +++ b/service/codebuild/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/codebuild/endpoints.go b/service/codebuild/endpoints.go index 84abf0204e1..f4390be34e5 100644 --- a/service/codebuild/endpoints.go +++ b/service/codebuild/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/codebuild/options.go b/service/codebuild/options.go index 9e8d7f789a2..c8dce451d25 100644 --- a/service/codebuild/options.go +++ b/service/codebuild/options.go @@ -5,7 +5,6 @@ package codebuild import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/codecatalyst/api_client.go b/service/codecatalyst/api_client.go index 0685173bd90..b8e5c800548 100644 --- a/service/codecatalyst/api_client.go +++ b/service/codecatalyst/api_client.go @@ -235,7 +235,6 @@ func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { Logger: cfg.Logger, ClientLogMode: cfg.ClientLogMode, AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/codecatalyst/auth.go b/service/codecatalyst/auth.go index 230ae1075ae..862bbdb5a8f 100644 --- a/service/codecatalyst/auth.go +++ b/service/codecatalyst/auth.go @@ -83,7 +83,7 @@ type AuthResolverParameters struct { Operation string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } @@ -128,7 +128,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/codecatalyst/endpoints.go b/service/codecatalyst/endpoints.go index b706c05d5a8..ab326a9612a 100644 --- a/service/codecatalyst/endpoints.go +++ b/service/codecatalyst/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -404,7 +403,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.UseFIPS = aws.Bool(options.EndpointOptions.UseFIPSEndpoint == aws.FIPSEndpointStateEnabled) @@ -432,9 +431,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -445,7 +441,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/codecatalyst/options.go b/service/codecatalyst/options.go index 4238e6b57bb..742da5bef2f 100644 --- a/service/codecatalyst/options.go +++ b/service/codecatalyst/options.go @@ -4,7 +4,6 @@ package codecatalyst import ( "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" "github.com/aws/smithy-go/auth/bearer" @@ -24,9 +23,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/codecommit/api_client.go b/service/codecommit/api_client.go index 7d37324067c..bb5d92ffd86 100644 --- a/service/codecommit/api_client.go +++ b/service/codecommit/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/codecommit/auth.go b/service/codecommit/auth.go index da71e6cb8bf..4d144c4122b 100644 --- a/service/codecommit/auth.go +++ b/service/codecommit/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/codecommit/endpoints.go b/service/codecommit/endpoints.go index 93c7503ce0a..db1274070f4 100644 --- a/service/codecommit/endpoints.go +++ b/service/codecommit/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/codecommit/options.go b/service/codecommit/options.go index ed91a010a61..22ae7feaed4 100644 --- a/service/codecommit/options.go +++ b/service/codecommit/options.go @@ -5,7 +5,6 @@ package codecommit import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/codedeploy/api_client.go b/service/codedeploy/api_client.go index 19aedf61c08..a02a5633fb3 100644 --- a/service/codedeploy/api_client.go +++ b/service/codedeploy/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/codedeploy/auth.go b/service/codedeploy/auth.go index cc60c53858a..cd85dfc6595 100644 --- a/service/codedeploy/auth.go +++ b/service/codedeploy/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/codedeploy/endpoints.go b/service/codedeploy/endpoints.go index 51122647db7..d2c3e72fbd3 100644 --- a/service/codedeploy/endpoints.go +++ b/service/codedeploy/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/codedeploy/options.go b/service/codedeploy/options.go index 070b2b4fad5..33557f60913 100644 --- a/service/codedeploy/options.go +++ b/service/codedeploy/options.go @@ -5,7 +5,6 @@ package codedeploy import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/codeguruprofiler/api_client.go b/service/codeguruprofiler/api_client.go index fe7c7dd08e2..18790253d25 100644 --- a/service/codeguruprofiler/api_client.go +++ b/service/codeguruprofiler/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/codeguruprofiler/auth.go b/service/codeguruprofiler/auth.go index 21aa5524cb6..60053ae5d0b 100644 --- a/service/codeguruprofiler/auth.go +++ b/service/codeguruprofiler/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/codeguruprofiler/endpoints.go b/service/codeguruprofiler/endpoints.go index 4a5a65a06e4..ce825515cbb 100644 --- a/service/codeguruprofiler/endpoints.go +++ b/service/codeguruprofiler/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/codeguruprofiler/options.go b/service/codeguruprofiler/options.go index 6bee324180b..79b4bbbc346 100644 --- a/service/codeguruprofiler/options.go +++ b/service/codeguruprofiler/options.go @@ -5,7 +5,6 @@ package codeguruprofiler import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/codegurureviewer/api_client.go b/service/codegurureviewer/api_client.go index e3f2003033b..bd0e6c520fb 100644 --- a/service/codegurureviewer/api_client.go +++ b/service/codegurureviewer/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/codegurureviewer/auth.go b/service/codegurureviewer/auth.go index f812567e904..3987f2f0511 100644 --- a/service/codegurureviewer/auth.go +++ b/service/codegurureviewer/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/codegurureviewer/endpoints.go b/service/codegurureviewer/endpoints.go index c89fb152f9c..495e43dd1e4 100644 --- a/service/codegurureviewer/endpoints.go +++ b/service/codegurureviewer/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/codegurureviewer/options.go b/service/codegurureviewer/options.go index d8a1e6492e9..e2323cec481 100644 --- a/service/codegurureviewer/options.go +++ b/service/codegurureviewer/options.go @@ -5,7 +5,6 @@ package codegurureviewer import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/codegurusecurity/api_client.go b/service/codegurusecurity/api_client.go index 92585361eca..76aefb15708 100644 --- a/service/codegurusecurity/api_client.go +++ b/service/codegurusecurity/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/codegurusecurity/auth.go b/service/codegurusecurity/auth.go index e2089c37760..3b9d0dd4893 100644 --- a/service/codegurusecurity/auth.go +++ b/service/codegurusecurity/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/codegurusecurity/endpoints.go b/service/codegurusecurity/endpoints.go index 210276f70e3..7852e5b7683 100644 --- a/service/codegurusecurity/endpoints.go +++ b/service/codegurusecurity/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/codegurusecurity/options.go b/service/codegurusecurity/options.go index a356abc5024..bd97b809f04 100644 --- a/service/codegurusecurity/options.go +++ b/service/codegurusecurity/options.go @@ -5,7 +5,6 @@ package codegurusecurity import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/codepipeline/api_client.go b/service/codepipeline/api_client.go index d9a4e78b59c..708d6e42b19 100644 --- a/service/codepipeline/api_client.go +++ b/service/codepipeline/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/codepipeline/auth.go b/service/codepipeline/auth.go index 716fa8d19e5..9cc55014388 100644 --- a/service/codepipeline/auth.go +++ b/service/codepipeline/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/codepipeline/endpoints.go b/service/codepipeline/endpoints.go index 9e86a3445f1..3984ae8e185 100644 --- a/service/codepipeline/endpoints.go +++ b/service/codepipeline/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/codepipeline/options.go b/service/codepipeline/options.go index e4c568865ef..4d6c61126da 100644 --- a/service/codepipeline/options.go +++ b/service/codepipeline/options.go @@ -5,7 +5,6 @@ package codepipeline import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/codestar/api_client.go b/service/codestar/api_client.go index ae1e254f19b..0c7a7dc55c1 100644 --- a/service/codestar/api_client.go +++ b/service/codestar/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/codestar/auth.go b/service/codestar/auth.go index a8f691a08e6..4b96c0ebcd5 100644 --- a/service/codestar/auth.go +++ b/service/codestar/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/codestar/endpoints.go b/service/codestar/endpoints.go index cea37ac7f8a..bc7c4efa36a 100644 --- a/service/codestar/endpoints.go +++ b/service/codestar/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/codestar/options.go b/service/codestar/options.go index 03729503943..eb0b3a3769d 100644 --- a/service/codestar/options.go +++ b/service/codestar/options.go @@ -5,7 +5,6 @@ package codestar import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/codestarconnections/api_client.go b/service/codestarconnections/api_client.go index 2de29569e61..9ebc922b780 100644 --- a/service/codestarconnections/api_client.go +++ b/service/codestarconnections/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/codestarconnections/auth.go b/service/codestarconnections/auth.go index 4edfde9f36b..702ad6f1f30 100644 --- a/service/codestarconnections/auth.go +++ b/service/codestarconnections/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/codestarconnections/endpoints.go b/service/codestarconnections/endpoints.go index 6841dd50edf..c2f6605d60e 100644 --- a/service/codestarconnections/endpoints.go +++ b/service/codestarconnections/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/codestarconnections/options.go b/service/codestarconnections/options.go index 9bf49a60d65..a6b2a51cc33 100644 --- a/service/codestarconnections/options.go +++ b/service/codestarconnections/options.go @@ -5,7 +5,6 @@ package codestarconnections import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/codestarnotifications/api_client.go b/service/codestarnotifications/api_client.go index 77131471ca7..089831e8323 100644 --- a/service/codestarnotifications/api_client.go +++ b/service/codestarnotifications/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/codestarnotifications/auth.go b/service/codestarnotifications/auth.go index c70a4568167..5c32b160d4e 100644 --- a/service/codestarnotifications/auth.go +++ b/service/codestarnotifications/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/codestarnotifications/endpoints.go b/service/codestarnotifications/endpoints.go index ea80de9f8e4..9463a593e2a 100644 --- a/service/codestarnotifications/endpoints.go +++ b/service/codestarnotifications/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/codestarnotifications/options.go b/service/codestarnotifications/options.go index fbd801f0abe..589676ba4fe 100644 --- a/service/codestarnotifications/options.go +++ b/service/codestarnotifications/options.go @@ -5,7 +5,6 @@ package codestarnotifications import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cognitoidentity/api_client.go b/service/cognitoidentity/api_client.go index 317503b22b1..5831e373997 100644 --- a/service/cognitoidentity/api_client.go +++ b/service/cognitoidentity/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/cognitoidentity/auth.go b/service/cognitoidentity/auth.go index b5fde683721..6bf60c37e84 100644 --- a/service/cognitoidentity/auth.go +++ b/service/cognitoidentity/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -169,7 +169,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cognitoidentity/endpoints.go b/service/cognitoidentity/endpoints.go index ee929a8b9b6..65a4850f2ec 100644 --- a/service/cognitoidentity/endpoints.go +++ b/service/cognitoidentity/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cognitoidentity/options.go b/service/cognitoidentity/options.go index 102669c4a67..118fe1e4b11 100644 --- a/service/cognitoidentity/options.go +++ b/service/cognitoidentity/options.go @@ -5,7 +5,6 @@ package cognitoidentity import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cognitoidentityprovider/api_client.go b/service/cognitoidentityprovider/api_client.go index 43460c36c91..8c094e0cbf4 100644 --- a/service/cognitoidentityprovider/api_client.go +++ b/service/cognitoidentityprovider/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/cognitoidentityprovider/auth.go b/service/cognitoidentityprovider/auth.go index b1459bfcd11..471f9d2bfcf 100644 --- a/service/cognitoidentityprovider/auth.go +++ b/service/cognitoidentityprovider/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -301,7 +301,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cognitoidentityprovider/endpoints.go b/service/cognitoidentityprovider/endpoints.go index d3c741d7763..5bf48df1994 100644 --- a/service/cognitoidentityprovider/endpoints.go +++ b/service/cognitoidentityprovider/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cognitoidentityprovider/options.go b/service/cognitoidentityprovider/options.go index 016bfb7e3c7..ee635438352 100644 --- a/service/cognitoidentityprovider/options.go +++ b/service/cognitoidentityprovider/options.go @@ -5,7 +5,6 @@ package cognitoidentityprovider import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cognitosync/api_client.go b/service/cognitosync/api_client.go index 0ca74ba9308..cd952a6973b 100644 --- a/service/cognitosync/api_client.go +++ b/service/cognitosync/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/cognitosync/auth.go b/service/cognitosync/auth.go index 96a2a9c4f6b..9d24d23ea32 100644 --- a/service/cognitosync/auth.go +++ b/service/cognitosync/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cognitosync/endpoints.go b/service/cognitosync/endpoints.go index fc5662254c9..809ba37fe0f 100644 --- a/service/cognitosync/endpoints.go +++ b/service/cognitosync/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cognitosync/options.go b/service/cognitosync/options.go index 3e35d90d9d2..f8e75f64a9c 100644 --- a/service/cognitosync/options.go +++ b/service/cognitosync/options.go @@ -5,7 +5,6 @@ package cognitosync import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/comprehend/api_client.go b/service/comprehend/api_client.go index 0bc15d34359..5b87feeed5c 100644 --- a/service/comprehend/api_client.go +++ b/service/comprehend/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/comprehend/auth.go b/service/comprehend/auth.go index a92cb9af40a..0991e047085 100644 --- a/service/comprehend/auth.go +++ b/service/comprehend/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/comprehend/endpoints.go b/service/comprehend/endpoints.go index 9d04426eac5..1d9983cb054 100644 --- a/service/comprehend/endpoints.go +++ b/service/comprehend/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/comprehend/options.go b/service/comprehend/options.go index 2a2140faebb..0c234fdb245 100644 --- a/service/comprehend/options.go +++ b/service/comprehend/options.go @@ -5,7 +5,6 @@ package comprehend import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/comprehendmedical/api_client.go b/service/comprehendmedical/api_client.go index 65f51c9c9b2..7cf4131074d 100644 --- a/service/comprehendmedical/api_client.go +++ b/service/comprehendmedical/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/comprehendmedical/auth.go b/service/comprehendmedical/auth.go index 04849d4318b..6323342ed08 100644 --- a/service/comprehendmedical/auth.go +++ b/service/comprehendmedical/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/comprehendmedical/endpoints.go b/service/comprehendmedical/endpoints.go index 4c225c8fdd3..2f7211b3f50 100644 --- a/service/comprehendmedical/endpoints.go +++ b/service/comprehendmedical/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/comprehendmedical/options.go b/service/comprehendmedical/options.go index de1f861e4b4..35f3814474e 100644 --- a/service/comprehendmedical/options.go +++ b/service/comprehendmedical/options.go @@ -5,7 +5,6 @@ package comprehendmedical import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/computeoptimizer/api_client.go b/service/computeoptimizer/api_client.go index 29df911c999..d4667e3c36c 100644 --- a/service/computeoptimizer/api_client.go +++ b/service/computeoptimizer/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/computeoptimizer/auth.go b/service/computeoptimizer/auth.go index 8ad12289d24..29c7c72065d 100644 --- a/service/computeoptimizer/auth.go +++ b/service/computeoptimizer/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/computeoptimizer/endpoints.go b/service/computeoptimizer/endpoints.go index 9f75009dc95..4553acbed43 100644 --- a/service/computeoptimizer/endpoints.go +++ b/service/computeoptimizer/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/computeoptimizer/options.go b/service/computeoptimizer/options.go index fa6812c0756..4de24e20256 100644 --- a/service/computeoptimizer/options.go +++ b/service/computeoptimizer/options.go @@ -5,7 +5,6 @@ package computeoptimizer import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/configservice/api_client.go b/service/configservice/api_client.go index 5c624be67a9..3e7c6b33026 100644 --- a/service/configservice/api_client.go +++ b/service/configservice/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/configservice/auth.go b/service/configservice/auth.go index d151db1fbac..65dcd4a3e63 100644 --- a/service/configservice/auth.go +++ b/service/configservice/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/configservice/endpoints.go b/service/configservice/endpoints.go index 4d68a7a9f01..48ed41a974d 100644 --- a/service/configservice/endpoints.go +++ b/service/configservice/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -459,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,9 +487,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -501,7 +497,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/configservice/options.go b/service/configservice/options.go index a2cb63fb736..0d4c3c628c3 100644 --- a/service/configservice/options.go +++ b/service/configservice/options.go @@ -5,7 +5,6 @@ package configservice import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/connect/api_client.go b/service/connect/api_client.go index 6fc94d5f638..30fe7e1077e 100644 --- a/service/connect/api_client.go +++ b/service/connect/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/connect/auth.go b/service/connect/auth.go index 58ab200a055..9800a81735e 100644 --- a/service/connect/auth.go +++ b/service/connect/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/connect/endpoints.go b/service/connect/endpoints.go index 60b19b1b170..eeeeff7aea0 100644 --- a/service/connect/endpoints.go +++ b/service/connect/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -459,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,9 +487,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -501,7 +497,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/connect/options.go b/service/connect/options.go index e063e553755..637a92c76a4 100644 --- a/service/connect/options.go +++ b/service/connect/options.go @@ -5,7 +5,6 @@ package connect import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/connectcampaigns/api_client.go b/service/connectcampaigns/api_client.go index c5d95d400c1..1e7ccbb025f 100644 --- a/service/connectcampaigns/api_client.go +++ b/service/connectcampaigns/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/connectcampaigns/auth.go b/service/connectcampaigns/auth.go index 77ed02f5774..f6737cde3fb 100644 --- a/service/connectcampaigns/auth.go +++ b/service/connectcampaigns/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/connectcampaigns/endpoints.go b/service/connectcampaigns/endpoints.go index f50ab00f3d6..ca0c64338ef 100644 --- a/service/connectcampaigns/endpoints.go +++ b/service/connectcampaigns/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/connectcampaigns/options.go b/service/connectcampaigns/options.go index f449fb3c3ba..9a90478641f 100644 --- a/service/connectcampaigns/options.go +++ b/service/connectcampaigns/options.go @@ -5,7 +5,6 @@ package connectcampaigns import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/connectcases/api_client.go b/service/connectcases/api_client.go index 6739a311875..b8752124bf3 100644 --- a/service/connectcases/api_client.go +++ b/service/connectcases/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/connectcases/auth.go b/service/connectcases/auth.go index fb725ed476d..91fffcf9baf 100644 --- a/service/connectcases/auth.go +++ b/service/connectcases/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/connectcases/endpoints.go b/service/connectcases/endpoints.go index 37eb64ffc8c..6e51331f205 100644 --- a/service/connectcases/endpoints.go +++ b/service/connectcases/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/connectcases/options.go b/service/connectcases/options.go index a2d1d67cc1a..ad2305f38de 100644 --- a/service/connectcases/options.go +++ b/service/connectcases/options.go @@ -5,7 +5,6 @@ package connectcases import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/connectcontactlens/api_client.go b/service/connectcontactlens/api_client.go index ae7284e8fcd..081d036414b 100644 --- a/service/connectcontactlens/api_client.go +++ b/service/connectcontactlens/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/connectcontactlens/auth.go b/service/connectcontactlens/auth.go index 2f17f0ca961..76699d95ae2 100644 --- a/service/connectcontactlens/auth.go +++ b/service/connectcontactlens/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/connectcontactlens/endpoints.go b/service/connectcontactlens/endpoints.go index 8348056eaa7..ba9f3fd4528 100644 --- a/service/connectcontactlens/endpoints.go +++ b/service/connectcontactlens/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/connectcontactlens/options.go b/service/connectcontactlens/options.go index b204f0ca53d..fbbeed58bba 100644 --- a/service/connectcontactlens/options.go +++ b/service/connectcontactlens/options.go @@ -5,7 +5,6 @@ package connectcontactlens import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/connectparticipant/api_client.go b/service/connectparticipant/api_client.go index 95c2fbd6817..eda4f324775 100644 --- a/service/connectparticipant/api_client.go +++ b/service/connectparticipant/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/connectparticipant/auth.go b/service/connectparticipant/auth.go index 7234ee0b7f0..f2e851a706f 100644 --- a/service/connectparticipant/auth.go +++ b/service/connectparticipant/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/connectparticipant/endpoints.go b/service/connectparticipant/endpoints.go index 588d591b449..02b270d86e0 100644 --- a/service/connectparticipant/endpoints.go +++ b/service/connectparticipant/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -459,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,9 +487,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -501,7 +497,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/connectparticipant/options.go b/service/connectparticipant/options.go index c903c3a5766..014b8e0bd42 100644 --- a/service/connectparticipant/options.go +++ b/service/connectparticipant/options.go @@ -5,7 +5,6 @@ package connectparticipant import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/controltower/api_client.go b/service/controltower/api_client.go index 7511ea2f9a8..9f75b82fb0b 100644 --- a/service/controltower/api_client.go +++ b/service/controltower/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/controltower/auth.go b/service/controltower/auth.go index 2d3cb4e3726..f8b61c05704 100644 --- a/service/controltower/auth.go +++ b/service/controltower/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/controltower/endpoints.go b/service/controltower/endpoints.go index 76d98f04779..ab6b4e1ef08 100644 --- a/service/controltower/endpoints.go +++ b/service/controltower/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/controltower/options.go b/service/controltower/options.go index efe1d18f60d..b4a656b1f8d 100644 --- a/service/controltower/options.go +++ b/service/controltower/options.go @@ -5,7 +5,6 @@ package controltower import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/costandusagereportservice/api_client.go b/service/costandusagereportservice/api_client.go index f5cefb197bb..5a9f088fe7d 100644 --- a/service/costandusagereportservice/api_client.go +++ b/service/costandusagereportservice/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/costandusagereportservice/auth.go b/service/costandusagereportservice/auth.go index 5e9c6a35aab..9bb25de4d39 100644 --- a/service/costandusagereportservice/auth.go +++ b/service/costandusagereportservice/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/costandusagereportservice/endpoints.go b/service/costandusagereportservice/endpoints.go index b41da81a2d7..63924343e1b 100644 --- a/service/costandusagereportservice/endpoints.go +++ b/service/costandusagereportservice/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/costandusagereportservice/options.go b/service/costandusagereportservice/options.go index a4783f45975..7efede34119 100644 --- a/service/costandusagereportservice/options.go +++ b/service/costandusagereportservice/options.go @@ -5,7 +5,6 @@ package costandusagereportservice import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/costexplorer/api_client.go b/service/costexplorer/api_client.go index 1d11fb9f66a..6512bc3aadb 100644 --- a/service/costexplorer/api_client.go +++ b/service/costexplorer/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/costexplorer/auth.go b/service/costexplorer/auth.go index 01e3d3cf72a..d04e0be26e3 100644 --- a/service/costexplorer/auth.go +++ b/service/costexplorer/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/costexplorer/endpoints.go b/service/costexplorer/endpoints.go index 2528e022507..30e05cfe84a 100644 --- a/service/costexplorer/endpoints.go +++ b/service/costexplorer/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -509,7 +508,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -538,9 +537,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -551,7 +547,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/costexplorer/options.go b/service/costexplorer/options.go index 21ccc4ef7c8..7303fa50a6e 100644 --- a/service/costexplorer/options.go +++ b/service/costexplorer/options.go @@ -5,7 +5,6 @@ package costexplorer import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/costoptimizationhub/api_client.go b/service/costoptimizationhub/api_client.go index f377e314130..324177d268f 100644 --- a/service/costoptimizationhub/api_client.go +++ b/service/costoptimizationhub/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/costoptimizationhub/auth.go b/service/costoptimizationhub/auth.go index 64c7ba1f66b..001ffd03fa6 100644 --- a/service/costoptimizationhub/auth.go +++ b/service/costoptimizationhub/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/costoptimizationhub/endpoints.go b/service/costoptimizationhub/endpoints.go index 756a110942d..5b4f3ed2e12 100644 --- a/service/costoptimizationhub/endpoints.go +++ b/service/costoptimizationhub/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/costoptimizationhub/options.go b/service/costoptimizationhub/options.go index 0a6ab72cbf6..3f035a3ed94 100644 --- a/service/costoptimizationhub/options.go +++ b/service/costoptimizationhub/options.go @@ -5,7 +5,6 @@ package costoptimizationhub import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/customerprofiles/api_client.go b/service/customerprofiles/api_client.go index 8529c5e379c..18b06256da3 100644 --- a/service/customerprofiles/api_client.go +++ b/service/customerprofiles/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/customerprofiles/auth.go b/service/customerprofiles/auth.go index aa5703709d8..0c0672b1aa5 100644 --- a/service/customerprofiles/auth.go +++ b/service/customerprofiles/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/customerprofiles/endpoints.go b/service/customerprofiles/endpoints.go index fef7e6e31fb..b6135174dd6 100644 --- a/service/customerprofiles/endpoints.go +++ b/service/customerprofiles/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/customerprofiles/options.go b/service/customerprofiles/options.go index c2b55efc700..a35d77298a9 100644 --- a/service/customerprofiles/options.go +++ b/service/customerprofiles/options.go @@ -5,7 +5,6 @@ package customerprofiles import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/databasemigrationservice/api_client.go b/service/databasemigrationservice/api_client.go index 5f703ff8cfc..e2fa662bb3d 100644 --- a/service/databasemigrationservice/api_client.go +++ b/service/databasemigrationservice/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/databasemigrationservice/auth.go b/service/databasemigrationservice/auth.go index bee97456719..ddb9776b960 100644 --- a/service/databasemigrationservice/auth.go +++ b/service/databasemigrationservice/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/databasemigrationservice/endpoints.go b/service/databasemigrationservice/endpoints.go index c697ab516ab..b0b1214bf45 100644 --- a/service/databasemigrationservice/endpoints.go +++ b/service/databasemigrationservice/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -497,7 +496,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -526,9 +525,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -539,7 +535,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/databasemigrationservice/options.go b/service/databasemigrationservice/options.go index c24a0c7594f..58bf0bb961d 100644 --- a/service/databasemigrationservice/options.go +++ b/service/databasemigrationservice/options.go @@ -5,7 +5,6 @@ package databasemigrationservice import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/databrew/api_client.go b/service/databrew/api_client.go index f30df0564ac..59108ee9493 100644 --- a/service/databrew/api_client.go +++ b/service/databrew/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/databrew/auth.go b/service/databrew/auth.go index 8dbdac4d48a..e4f3cc319fb 100644 --- a/service/databrew/auth.go +++ b/service/databrew/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/databrew/endpoints.go b/service/databrew/endpoints.go index 56840f96f15..c61e4658d54 100644 --- a/service/databrew/endpoints.go +++ b/service/databrew/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -453,7 +452,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -482,9 +481,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -495,7 +491,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/databrew/options.go b/service/databrew/options.go index c873e50deab..ce023fb8984 100644 --- a/service/databrew/options.go +++ b/service/databrew/options.go @@ -5,7 +5,6 @@ package databrew import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/dataexchange/api_client.go b/service/dataexchange/api_client.go index a01b1776bcb..d64eb547ab4 100644 --- a/service/dataexchange/api_client.go +++ b/service/dataexchange/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/dataexchange/auth.go b/service/dataexchange/auth.go index 64ec9c2c87d..e7b87cb1b16 100644 --- a/service/dataexchange/auth.go +++ b/service/dataexchange/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/dataexchange/endpoints.go b/service/dataexchange/endpoints.go index 3abe0526072..2870a89efbc 100644 --- a/service/dataexchange/endpoints.go +++ b/service/dataexchange/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/dataexchange/options.go b/service/dataexchange/options.go index 678f1be621d..e2a2012d48c 100644 --- a/service/dataexchange/options.go +++ b/service/dataexchange/options.go @@ -5,7 +5,6 @@ package dataexchange import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/datapipeline/api_client.go b/service/datapipeline/api_client.go index 9d4a1f6fc11..60d6709fd88 100644 --- a/service/datapipeline/api_client.go +++ b/service/datapipeline/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/datapipeline/auth.go b/service/datapipeline/auth.go index 781e4b6ab7b..95dc8ef9793 100644 --- a/service/datapipeline/auth.go +++ b/service/datapipeline/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/datapipeline/endpoints.go b/service/datapipeline/endpoints.go index e66c305e3e3..231af8c46ce 100644 --- a/service/datapipeline/endpoints.go +++ b/service/datapipeline/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/datapipeline/options.go b/service/datapipeline/options.go index 23925bead71..74ee6db58a9 100644 --- a/service/datapipeline/options.go +++ b/service/datapipeline/options.go @@ -5,7 +5,6 @@ package datapipeline import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/datasync/api_client.go b/service/datasync/api_client.go index 33e4dc74308..0f913672e4a 100644 --- a/service/datasync/api_client.go +++ b/service/datasync/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/datasync/auth.go b/service/datasync/auth.go index 7d588b354f5..32b6fa29edb 100644 --- a/service/datasync/auth.go +++ b/service/datasync/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/datasync/endpoints.go b/service/datasync/endpoints.go index 629ac2d41d9..3e14905e93b 100644 --- a/service/datasync/endpoints.go +++ b/service/datasync/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/datasync/options.go b/service/datasync/options.go index 961ee5d59f1..454e8cedd9e 100644 --- a/service/datasync/options.go +++ b/service/datasync/options.go @@ -5,7 +5,6 @@ package datasync import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/datazone/api_client.go b/service/datazone/api_client.go index 5120ae459c6..eaf9c878622 100644 --- a/service/datazone/api_client.go +++ b/service/datazone/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/datazone/auth.go b/service/datazone/auth.go index e1b45aaa986..c47c550f373 100644 --- a/service/datazone/auth.go +++ b/service/datazone/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/datazone/endpoints.go b/service/datazone/endpoints.go index d306799d353..c1399124e32 100644 --- a/service/datazone/endpoints.go +++ b/service/datazone/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -412,7 +411,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -440,9 +439,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -453,7 +449,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/datazone/options.go b/service/datazone/options.go index c12df0bd9a1..5d525a95222 100644 --- a/service/datazone/options.go +++ b/service/datazone/options.go @@ -5,7 +5,6 @@ package datazone import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/dax/api_client.go b/service/dax/api_client.go index b9ba4a0c08b..8217caf2a8e 100644 --- a/service/dax/api_client.go +++ b/service/dax/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/dax/auth.go b/service/dax/auth.go index 24c2265e056..06101460ce0 100644 --- a/service/dax/auth.go +++ b/service/dax/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/dax/endpoints.go b/service/dax/endpoints.go index 84d78f538ed..b08ff7484a4 100644 --- a/service/dax/endpoints.go +++ b/service/dax/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/dax/options.go b/service/dax/options.go index d543f28549c..4694ed39c0d 100644 --- a/service/dax/options.go +++ b/service/dax/options.go @@ -5,7 +5,6 @@ package dax import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/detective/api_client.go b/service/detective/api_client.go index 2be13aaf433..38bcebc6697 100644 --- a/service/detective/api_client.go +++ b/service/detective/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/detective/auth.go b/service/detective/auth.go index a068df050be..58b15c470da 100644 --- a/service/detective/auth.go +++ b/service/detective/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/detective/endpoints.go b/service/detective/endpoints.go index 1fdcfd66802..4b2b271f06e 100644 --- a/service/detective/endpoints.go +++ b/service/detective/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/detective/options.go b/service/detective/options.go index e15a2ccbf2a..044d87d1e20 100644 --- a/service/detective/options.go +++ b/service/detective/options.go @@ -5,7 +5,6 @@ package detective import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/devicefarm/api_client.go b/service/devicefarm/api_client.go index 13dacc293ad..1ec7b650a63 100644 --- a/service/devicefarm/api_client.go +++ b/service/devicefarm/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/devicefarm/auth.go b/service/devicefarm/auth.go index f96d0ef2a15..a40d222f577 100644 --- a/service/devicefarm/auth.go +++ b/service/devicefarm/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/devicefarm/endpoints.go b/service/devicefarm/endpoints.go index caed1f627ad..a8cc90aa0b2 100644 --- a/service/devicefarm/endpoints.go +++ b/service/devicefarm/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/devicefarm/options.go b/service/devicefarm/options.go index 2f772e7fcd7..6ea0d54a1ed 100644 --- a/service/devicefarm/options.go +++ b/service/devicefarm/options.go @@ -5,7 +5,6 @@ package devicefarm import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/devopsguru/api_client.go b/service/devopsguru/api_client.go index b15c59f7d2f..9e9755a8dd3 100644 --- a/service/devopsguru/api_client.go +++ b/service/devopsguru/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/devopsguru/auth.go b/service/devopsguru/auth.go index 07ad39c6849..1ee379495c4 100644 --- a/service/devopsguru/auth.go +++ b/service/devopsguru/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/devopsguru/endpoints.go b/service/devopsguru/endpoints.go index 803128bafa5..804ef6ab78e 100644 --- a/service/devopsguru/endpoints.go +++ b/service/devopsguru/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/devopsguru/options.go b/service/devopsguru/options.go index 0850cd5a2a0..07e231ee379 100644 --- a/service/devopsguru/options.go +++ b/service/devopsguru/options.go @@ -5,7 +5,6 @@ package devopsguru import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/directconnect/api_client.go b/service/directconnect/api_client.go index 35baeac7b70..091dff66601 100644 --- a/service/directconnect/api_client.go +++ b/service/directconnect/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/directconnect/auth.go b/service/directconnect/auth.go index 7fc0c267a46..a139fa60735 100644 --- a/service/directconnect/auth.go +++ b/service/directconnect/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/directconnect/endpoints.go b/service/directconnect/endpoints.go index 09dbeed22b5..4dd0f39d637 100644 --- a/service/directconnect/endpoints.go +++ b/service/directconnect/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/directconnect/options.go b/service/directconnect/options.go index 1655ef133b9..fc3615a5bbf 100644 --- a/service/directconnect/options.go +++ b/service/directconnect/options.go @@ -5,7 +5,6 @@ package directconnect import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/directoryservice/api_client.go b/service/directoryservice/api_client.go index 9101b51f7a9..9feb14aff56 100644 --- a/service/directoryservice/api_client.go +++ b/service/directoryservice/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/directoryservice/auth.go b/service/directoryservice/auth.go index fa0e17b513d..b36e99bc54d 100644 --- a/service/directoryservice/auth.go +++ b/service/directoryservice/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/directoryservice/endpoints.go b/service/directoryservice/endpoints.go index 81782aa9ce4..1a9512bb58e 100644 --- a/service/directoryservice/endpoints.go +++ b/service/directoryservice/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/directoryservice/options.go b/service/directoryservice/options.go index af9c7680b45..24f9d04a966 100644 --- a/service/directoryservice/options.go +++ b/service/directoryservice/options.go @@ -5,7 +5,6 @@ package directoryservice import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/dlm/api_client.go b/service/dlm/api_client.go index 83baf54a41d..daf7fe7ab14 100644 --- a/service/dlm/api_client.go +++ b/service/dlm/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/dlm/auth.go b/service/dlm/auth.go index 1639931f58e..79126cd58ca 100644 --- a/service/dlm/auth.go +++ b/service/dlm/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/dlm/endpoints.go b/service/dlm/endpoints.go index 6e4d8b3c401..a4d6ee665b3 100644 --- a/service/dlm/endpoints.go +++ b/service/dlm/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -459,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,9 +487,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -501,7 +497,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/dlm/options.go b/service/dlm/options.go index 56121eb0b6b..2d56b3befc2 100644 --- a/service/dlm/options.go +++ b/service/dlm/options.go @@ -5,7 +5,6 @@ package dlm import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/docdb/api_client.go b/service/docdb/api_client.go index 9d0a74f642c..72e8e156e3a 100644 --- a/service/docdb/api_client.go +++ b/service/docdb/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/docdb/auth.go b/service/docdb/auth.go index 32dea8b67ef..80174b1760f 100644 --- a/service/docdb/auth.go +++ b/service/docdb/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/docdb/endpoints.go b/service/docdb/endpoints.go index 9a85d9ae254..3008a5c5c0b 100644 --- a/service/docdb/endpoints.go +++ b/service/docdb/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -459,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,9 +487,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -501,7 +497,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/docdb/options.go b/service/docdb/options.go index d8e717e805d..c5964e219ad 100644 --- a/service/docdb/options.go +++ b/service/docdb/options.go @@ -5,7 +5,6 @@ package docdb import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/docdbelastic/api_client.go b/service/docdbelastic/api_client.go index f29edacc02b..798abfa0f9e 100644 --- a/service/docdbelastic/api_client.go +++ b/service/docdbelastic/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/docdbelastic/auth.go b/service/docdbelastic/auth.go index 0caeb92204e..a1d7b716326 100644 --- a/service/docdbelastic/auth.go +++ b/service/docdbelastic/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/docdbelastic/endpoints.go b/service/docdbelastic/endpoints.go index 864b44b36aa..40a6444677f 100644 --- a/service/docdbelastic/endpoints.go +++ b/service/docdbelastic/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/docdbelastic/options.go b/service/docdbelastic/options.go index 624ed0dd12c..c02ac3d11f2 100644 --- a/service/docdbelastic/options.go +++ b/service/docdbelastic/options.go @@ -5,7 +5,6 @@ package docdbelastic import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/drs/api_client.go b/service/drs/api_client.go index e02b1e8a487..1347cef14c2 100644 --- a/service/drs/api_client.go +++ b/service/drs/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/drs/auth.go b/service/drs/auth.go index 61c5f4c9edd..7acc999fb29 100644 --- a/service/drs/auth.go +++ b/service/drs/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/drs/endpoints.go b/service/drs/endpoints.go index 624f048f2a0..97cac8bd00b 100644 --- a/service/drs/endpoints.go +++ b/service/drs/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/drs/options.go b/service/drs/options.go index ab60f4d66f3..cdf5589f34d 100644 --- a/service/drs/options.go +++ b/service/drs/options.go @@ -5,7 +5,6 @@ package drs import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/dynamodbstreams/api_client.go b/service/dynamodbstreams/api_client.go index cc47bc65c0a..5bb9b0dc4b0 100644 --- a/service/dynamodbstreams/api_client.go +++ b/service/dynamodbstreams/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/dynamodbstreams/auth.go b/service/dynamodbstreams/auth.go index 81cf2256864..25738f652c9 100644 --- a/service/dynamodbstreams/auth.go +++ b/service/dynamodbstreams/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/dynamodbstreams/endpoints.go b/service/dynamodbstreams/endpoints.go index b04bf2f2cd6..519bd70800a 100644 --- a/service/dynamodbstreams/endpoints.go +++ b/service/dynamodbstreams/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -585,7 +584,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -614,9 +613,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -627,7 +623,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/dynamodbstreams/options.go b/service/dynamodbstreams/options.go index cef37cd6ea2..6304b262f06 100644 --- a/service/dynamodbstreams/options.go +++ b/service/dynamodbstreams/options.go @@ -5,7 +5,6 @@ package dynamodbstreams import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ebs/api_client.go b/service/ebs/api_client.go index a4e9421d04c..1158ab14ff0 100644 --- a/service/ebs/api_client.go +++ b/service/ebs/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/ebs/auth.go b/service/ebs/auth.go index 10eb91b3d92..a32582f7732 100644 --- a/service/ebs/auth.go +++ b/service/ebs/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -160,7 +160,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ebs/endpoints.go b/service/ebs/endpoints.go index 7116ab4d35d..2edafb84c22 100644 --- a/service/ebs/endpoints.go +++ b/service/ebs/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ebs/options.go b/service/ebs/options.go index be7bd686d40..f36c486c948 100644 --- a/service/ebs/options.go +++ b/service/ebs/options.go @@ -5,7 +5,6 @@ package ebs import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ec2/api_client.go b/service/ec2/api_client.go index a6696964f7f..84365b955b0 100644 --- a/service/ec2/api_client.go +++ b/service/ec2/api_client.go @@ -237,16 +237,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/ec2/auth.go b/service/ec2/auth.go index 00b179290e1..2e29d836bcc 100644 --- a/service/ec2/auth.go +++ b/service/ec2/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ec2/endpoints.go b/service/ec2/endpoints.go index f310437ce13..6423ebf2234 100644 --- a/service/ec2/endpoints.go +++ b/service/ec2/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -459,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,9 +487,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -501,7 +497,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ec2/options.go b/service/ec2/options.go index ac8f55e04f6..37cb69d205f 100644 --- a/service/ec2/options.go +++ b/service/ec2/options.go @@ -5,7 +5,6 @@ package ec2 import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ec2instanceconnect/api_client.go b/service/ec2instanceconnect/api_client.go index dcb38d9c1f1..7ff6311ca28 100644 --- a/service/ec2instanceconnect/api_client.go +++ b/service/ec2instanceconnect/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/ec2instanceconnect/auth.go b/service/ec2instanceconnect/auth.go index c7baaf1dd3c..024c19c37e2 100644 --- a/service/ec2instanceconnect/auth.go +++ b/service/ec2instanceconnect/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ec2instanceconnect/endpoints.go b/service/ec2instanceconnect/endpoints.go index a590e51250a..a3a37243e0b 100644 --- a/service/ec2instanceconnect/endpoints.go +++ b/service/ec2instanceconnect/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ec2instanceconnect/options.go b/service/ec2instanceconnect/options.go index da26ef03f59..2816b454b5d 100644 --- a/service/ec2instanceconnect/options.go +++ b/service/ec2instanceconnect/options.go @@ -5,7 +5,6 @@ package ec2instanceconnect import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ecr/api_client.go b/service/ecr/api_client.go index ca021b2a7fa..f74882130ee 100644 --- a/service/ecr/api_client.go +++ b/service/ecr/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/ecr/auth.go b/service/ecr/auth.go index a8ba503b9c2..86ba7edf6b8 100644 --- a/service/ecr/auth.go +++ b/service/ecr/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ecr/endpoints.go b/service/ecr/endpoints.go index 48974554c3e..b928bb088ec 100644 --- a/service/ecr/endpoints.go +++ b/service/ecr/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -478,7 +477,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -507,9 +506,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -520,7 +516,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ecr/options.go b/service/ecr/options.go index 3facb8a3be0..0de783e381c 100644 --- a/service/ecr/options.go +++ b/service/ecr/options.go @@ -5,7 +5,6 @@ package ecr import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ecrpublic/api_client.go b/service/ecrpublic/api_client.go index 9b31863eaa7..a9e71d814a1 100644 --- a/service/ecrpublic/api_client.go +++ b/service/ecrpublic/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/ecrpublic/auth.go b/service/ecrpublic/auth.go index c7feeb8c629..80729fbc78a 100644 --- a/service/ecrpublic/auth.go +++ b/service/ecrpublic/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ecrpublic/endpoints.go b/service/ecrpublic/endpoints.go index e5438d44420..6e2c49c79b8 100644 --- a/service/ecrpublic/endpoints.go +++ b/service/ecrpublic/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ecrpublic/options.go b/service/ecrpublic/options.go index 10896c9d06c..2845b43a8dd 100644 --- a/service/ecrpublic/options.go +++ b/service/ecrpublic/options.go @@ -5,7 +5,6 @@ package ecrpublic import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ecs/api_client.go b/service/ecs/api_client.go index 52cf0dcda47..93f29da2d20 100644 --- a/service/ecs/api_client.go +++ b/service/ecs/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/ecs/auth.go b/service/ecs/auth.go index 55765b24d16..5aa04a20db8 100644 --- a/service/ecs/auth.go +++ b/service/ecs/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ecs/endpoints.go b/service/ecs/endpoints.go index 08347e005e8..16fb79b6631 100644 --- a/service/ecs/endpoints.go +++ b/service/ecs/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ecs/options.go b/service/ecs/options.go index ad65aaa6b30..9ecc7a35755 100644 --- a/service/ecs/options.go +++ b/service/ecs/options.go @@ -5,7 +5,6 @@ package ecs import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/efs/api_client.go b/service/efs/api_client.go index 4426a4ac401..f066b2f68eb 100644 --- a/service/efs/api_client.go +++ b/service/efs/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/efs/auth.go b/service/efs/auth.go index 2de8e610f89..f5d2e317fcd 100644 --- a/service/efs/auth.go +++ b/service/efs/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/efs/endpoints.go b/service/efs/endpoints.go index cef902e67fc..01698ef70b8 100644 --- a/service/efs/endpoints.go +++ b/service/efs/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/efs/options.go b/service/efs/options.go index 563f0a06e1c..069a24e4a55 100644 --- a/service/efs/options.go +++ b/service/efs/options.go @@ -5,7 +5,6 @@ package efs import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/eks/api_client.go b/service/eks/api_client.go index e0d0f1e2331..f7bcc7c3d8a 100644 --- a/service/eks/api_client.go +++ b/service/eks/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/eks/auth.go b/service/eks/auth.go index 9995c5d49fa..8de3011f101 100644 --- a/service/eks/auth.go +++ b/service/eks/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/eks/endpoints.go b/service/eks/endpoints.go index 7a7f25d32a8..166f800fd0b 100644 --- a/service/eks/endpoints.go +++ b/service/eks/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -478,7 +477,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -507,9 +506,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -520,7 +516,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/eks/options.go b/service/eks/options.go index a4fcf6378a1..631a8c6e949 100644 --- a/service/eks/options.go +++ b/service/eks/options.go @@ -5,7 +5,6 @@ package eks import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/eksauth/api_client.go b/service/eksauth/api_client.go index 30d355567be..aef6d70c767 100644 --- a/service/eksauth/api_client.go +++ b/service/eksauth/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/eksauth/auth.go b/service/eksauth/auth.go index b0ea195159f..a1ce44f9076 100644 --- a/service/eksauth/auth.go +++ b/service/eksauth/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/eksauth/endpoints.go b/service/eksauth/endpoints.go index 635f3f1f417..3003c7a6536 100644 --- a/service/eksauth/endpoints.go +++ b/service/eksauth/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -412,7 +411,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -440,9 +439,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -453,7 +449,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/eksauth/options.go b/service/eksauth/options.go index cbd3588ca85..9332828cd7b 100644 --- a/service/eksauth/options.go +++ b/service/eksauth/options.go @@ -5,7 +5,6 @@ package eksauth import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/elasticache/api_client.go b/service/elasticache/api_client.go index 6c707dcfdac..a2134c011db 100644 --- a/service/elasticache/api_client.go +++ b/service/elasticache/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/elasticache/auth.go b/service/elasticache/auth.go index d551db96f6b..fbd7f6111aa 100644 --- a/service/elasticache/auth.go +++ b/service/elasticache/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/elasticache/endpoints.go b/service/elasticache/endpoints.go index 73bf6c98270..f7ea773f892 100644 --- a/service/elasticache/endpoints.go +++ b/service/elasticache/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -459,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,9 +487,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -501,7 +497,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/elasticache/options.go b/service/elasticache/options.go index edec2addd8a..8ff05b5d872 100644 --- a/service/elasticache/options.go +++ b/service/elasticache/options.go @@ -5,7 +5,6 @@ package elasticache import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/elasticbeanstalk/api_client.go b/service/elasticbeanstalk/api_client.go index 2bde8ad7d79..de60613ee01 100644 --- a/service/elasticbeanstalk/api_client.go +++ b/service/elasticbeanstalk/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/elasticbeanstalk/auth.go b/service/elasticbeanstalk/auth.go index 2c8c2bbfdf2..cb63dd48eb6 100644 --- a/service/elasticbeanstalk/auth.go +++ b/service/elasticbeanstalk/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/elasticbeanstalk/endpoints.go b/service/elasticbeanstalk/endpoints.go index eb264637191..1388e2d9713 100644 --- a/service/elasticbeanstalk/endpoints.go +++ b/service/elasticbeanstalk/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -459,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,9 +487,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -501,7 +497,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/elasticbeanstalk/options.go b/service/elasticbeanstalk/options.go index c60f3bbf785..556136385fd 100644 --- a/service/elasticbeanstalk/options.go +++ b/service/elasticbeanstalk/options.go @@ -5,7 +5,6 @@ package elasticbeanstalk import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/elasticinference/api_client.go b/service/elasticinference/api_client.go index 9d856c709db..e295a0ba91f 100644 --- a/service/elasticinference/api_client.go +++ b/service/elasticinference/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/elasticinference/auth.go b/service/elasticinference/auth.go index 185b9e2336a..46398517c62 100644 --- a/service/elasticinference/auth.go +++ b/service/elasticinference/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/elasticinference/endpoints.go b/service/elasticinference/endpoints.go index 2bfc33c5a19..a3c58547aa1 100644 --- a/service/elasticinference/endpoints.go +++ b/service/elasticinference/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/elasticinference/options.go b/service/elasticinference/options.go index 0137fe5b45c..a85a7dd5a28 100644 --- a/service/elasticinference/options.go +++ b/service/elasticinference/options.go @@ -5,7 +5,6 @@ package elasticinference import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/elasticloadbalancing/api_client.go b/service/elasticloadbalancing/api_client.go index 9a15f9c365c..27ea617cd76 100644 --- a/service/elasticloadbalancing/api_client.go +++ b/service/elasticloadbalancing/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/elasticloadbalancing/auth.go b/service/elasticloadbalancing/auth.go index 3eadd2bfc7f..b337a92f47e 100644 --- a/service/elasticloadbalancing/auth.go +++ b/service/elasticloadbalancing/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/elasticloadbalancing/endpoints.go b/service/elasticloadbalancing/endpoints.go index 8b4f9683d2b..8244497d310 100644 --- a/service/elasticloadbalancing/endpoints.go +++ b/service/elasticloadbalancing/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -459,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,9 +487,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -501,7 +497,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/elasticloadbalancing/options.go b/service/elasticloadbalancing/options.go index 8cf198aad01..e727763ea75 100644 --- a/service/elasticloadbalancing/options.go +++ b/service/elasticloadbalancing/options.go @@ -5,7 +5,6 @@ package elasticloadbalancing import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/elasticloadbalancingv2/api_client.go b/service/elasticloadbalancingv2/api_client.go index 974a88c399b..a15c94adb83 100644 --- a/service/elasticloadbalancingv2/api_client.go +++ b/service/elasticloadbalancingv2/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/elasticloadbalancingv2/auth.go b/service/elasticloadbalancingv2/auth.go index a2619bc6778..88459c677f4 100644 --- a/service/elasticloadbalancingv2/auth.go +++ b/service/elasticloadbalancingv2/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/elasticloadbalancingv2/endpoints.go b/service/elasticloadbalancingv2/endpoints.go index e70917da206..4dd1b2f905d 100644 --- a/service/elasticloadbalancingv2/endpoints.go +++ b/service/elasticloadbalancingv2/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -459,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,9 +487,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -501,7 +497,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/elasticloadbalancingv2/options.go b/service/elasticloadbalancingv2/options.go index 65412cc105f..8d973890d08 100644 --- a/service/elasticloadbalancingv2/options.go +++ b/service/elasticloadbalancingv2/options.go @@ -5,7 +5,6 @@ package elasticloadbalancingv2 import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/elasticsearchservice/api_client.go b/service/elasticsearchservice/api_client.go index 7a5595392f4..9e58807ddfa 100644 --- a/service/elasticsearchservice/api_client.go +++ b/service/elasticsearchservice/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/elasticsearchservice/auth.go b/service/elasticsearchservice/auth.go index 8752ee07ff9..15fe8b011f2 100644 --- a/service/elasticsearchservice/auth.go +++ b/service/elasticsearchservice/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/elasticsearchservice/endpoints.go b/service/elasticsearchservice/endpoints.go index b464937464a..9dfee48a030 100644 --- a/service/elasticsearchservice/endpoints.go +++ b/service/elasticsearchservice/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -497,7 +496,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -526,9 +525,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -539,7 +535,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/elasticsearchservice/options.go b/service/elasticsearchservice/options.go index b224f6d40a7..c3e0bd9f3dc 100644 --- a/service/elasticsearchservice/options.go +++ b/service/elasticsearchservice/options.go @@ -5,7 +5,6 @@ package elasticsearchservice import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/elastictranscoder/api_client.go b/service/elastictranscoder/api_client.go index 63083926363..7b64bdb4541 100644 --- a/service/elastictranscoder/api_client.go +++ b/service/elastictranscoder/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/elastictranscoder/auth.go b/service/elastictranscoder/auth.go index e57b7ac5e88..161aee240ec 100644 --- a/service/elastictranscoder/auth.go +++ b/service/elastictranscoder/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/elastictranscoder/endpoints.go b/service/elastictranscoder/endpoints.go index 312065ee00a..13b2e0dbe36 100644 --- a/service/elastictranscoder/endpoints.go +++ b/service/elastictranscoder/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/elastictranscoder/options.go b/service/elastictranscoder/options.go index cb4577a4561..f079c228073 100644 --- a/service/elastictranscoder/options.go +++ b/service/elastictranscoder/options.go @@ -5,7 +5,6 @@ package elastictranscoder import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/emr/api_client.go b/service/emr/api_client.go index 11fd81cade1..52a6ab728c9 100644 --- a/service/emr/api_client.go +++ b/service/emr/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/emr/auth.go b/service/emr/auth.go index d2721cd7245..163f6cd1c0d 100644 --- a/service/emr/auth.go +++ b/service/emr/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/emr/endpoints.go b/service/emr/endpoints.go index e287460e716..9e1dab4ea3a 100644 --- a/service/emr/endpoints.go +++ b/service/emr/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -459,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,9 +487,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -501,7 +497,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/emr/options.go b/service/emr/options.go index 196161aef22..1eec3a958dc 100644 --- a/service/emr/options.go +++ b/service/emr/options.go @@ -5,7 +5,6 @@ package emr import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/emrcontainers/api_client.go b/service/emrcontainers/api_client.go index 0cdb8afb137..3756ca2ab46 100644 --- a/service/emrcontainers/api_client.go +++ b/service/emrcontainers/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/emrcontainers/auth.go b/service/emrcontainers/auth.go index f0ffb718997..974f9db8255 100644 --- a/service/emrcontainers/auth.go +++ b/service/emrcontainers/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/emrcontainers/endpoints.go b/service/emrcontainers/endpoints.go index 948a27c2656..886f4987e0b 100644 --- a/service/emrcontainers/endpoints.go +++ b/service/emrcontainers/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/emrcontainers/options.go b/service/emrcontainers/options.go index 614ba4db1a1..44235eaa69e 100644 --- a/service/emrcontainers/options.go +++ b/service/emrcontainers/options.go @@ -5,7 +5,6 @@ package emrcontainers import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/emrserverless/api_client.go b/service/emrserverless/api_client.go index 7d8155e4186..cc257d7576c 100644 --- a/service/emrserverless/api_client.go +++ b/service/emrserverless/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/emrserverless/auth.go b/service/emrserverless/auth.go index ccbafaf0d8c..deb3f26d0e3 100644 --- a/service/emrserverless/auth.go +++ b/service/emrserverless/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/emrserverless/endpoints.go b/service/emrserverless/endpoints.go index ac3a900efc2..2708c36f9c6 100644 --- a/service/emrserverless/endpoints.go +++ b/service/emrserverless/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/emrserverless/options.go b/service/emrserverless/options.go index 81828dc7fef..9846f62e8c8 100644 --- a/service/emrserverless/options.go +++ b/service/emrserverless/options.go @@ -5,7 +5,6 @@ package emrserverless import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/entityresolution/api_client.go b/service/entityresolution/api_client.go index d7fcecfb915..ba5fb293cf5 100644 --- a/service/entityresolution/api_client.go +++ b/service/entityresolution/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/entityresolution/auth.go b/service/entityresolution/auth.go index 43039a08628..2f84e6c3c1a 100644 --- a/service/entityresolution/auth.go +++ b/service/entityresolution/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/entityresolution/endpoints.go b/service/entityresolution/endpoints.go index 65154bd60ad..2f8b96ad0e3 100644 --- a/service/entityresolution/endpoints.go +++ b/service/entityresolution/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/entityresolution/options.go b/service/entityresolution/options.go index 5a9fc4c63fb..6ed3e8aa213 100644 --- a/service/entityresolution/options.go +++ b/service/entityresolution/options.go @@ -5,7 +5,6 @@ package entityresolution import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/eventbridge/api_client.go b/service/eventbridge/api_client.go index 96cce448f10..b5da74926ff 100644 --- a/service/eventbridge/api_client.go +++ b/service/eventbridge/api_client.go @@ -244,16 +244,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/eventbridge/auth.go b/service/eventbridge/auth.go index 8041a3dad83..5623cfb524d 100644 --- a/service/eventbridge/auth.go +++ b/service/eventbridge/auth.go @@ -12,12 +12,12 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } -func bindAuthEndpointParams(params *AuthResolverParameters, input interface{}, options Options, ctx context.Context) { - params.endpointParams = bindEndpointParams(input, options, ctx) +func bindAuthEndpointParams(params *AuthResolverParameters, input interface{}, options Options) { + params.endpointParams = bindEndpointParams(input, options) } type setLegacyContextSigningOptionsMiddleware struct { @@ -98,13 +98,13 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthEndpointParams(params, input, options, ctx) - bindAuthParamsRegion(params, input, options, ctx) + bindAuthEndpointParams(params, input, options) + bindAuthParamsRegion(params, input, options) return params } @@ -164,7 +164,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/eventbridge/endpoints.go b/service/eventbridge/endpoints.go index ec40e7872b0..f79efc60d97 100644 --- a/service/eventbridge/endpoints.go +++ b/service/eventbridge/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -598,7 +597,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -627,9 +626,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -640,7 +636,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/eventbridge/options.go b/service/eventbridge/options.go index 2840e5d15ed..8784fd46d99 100644 --- a/service/eventbridge/options.go +++ b/service/eventbridge/options.go @@ -6,7 +6,6 @@ import ( "context" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" "github.com/aws/aws-sdk-go-v2/internal/v4a" @@ -27,9 +26,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/evidently/api_client.go b/service/evidently/api_client.go index 2a68d9c2846..aed8455a685 100644 --- a/service/evidently/api_client.go +++ b/service/evidently/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/evidently/auth.go b/service/evidently/auth.go index a0bb5e75d35..3a8a8a429f7 100644 --- a/service/evidently/auth.go +++ b/service/evidently/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/evidently/endpoints.go b/service/evidently/endpoints.go index 8bb5b89d078..8755aaafec4 100644 --- a/service/evidently/endpoints.go +++ b/service/evidently/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/evidently/options.go b/service/evidently/options.go index 09f918d8d95..d48d85e5264 100644 --- a/service/evidently/options.go +++ b/service/evidently/options.go @@ -5,7 +5,6 @@ package evidently import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/finspace/api_client.go b/service/finspace/api_client.go index 32d446534b1..486a6799118 100644 --- a/service/finspace/api_client.go +++ b/service/finspace/api_client.go @@ -235,16 +235,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/finspace/auth.go b/service/finspace/auth.go index 718bccd93c3..6095c338a3e 100644 --- a/service/finspace/auth.go +++ b/service/finspace/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/finspace/endpoints.go b/service/finspace/endpoints.go index 8a68e154960..8544bc049cc 100644 --- a/service/finspace/endpoints.go +++ b/service/finspace/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/finspace/options.go b/service/finspace/options.go index 62fe9054e20..d05e3f637db 100644 --- a/service/finspace/options.go +++ b/service/finspace/options.go @@ -5,7 +5,6 @@ package finspace import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/finspacedata/api_client.go b/service/finspacedata/api_client.go index 6da52ebea2f..f845e2efab4 100644 --- a/service/finspacedata/api_client.go +++ b/service/finspacedata/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/finspacedata/auth.go b/service/finspacedata/auth.go index 48acceefc52..cd1251577e0 100644 --- a/service/finspacedata/auth.go +++ b/service/finspacedata/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/finspacedata/endpoints.go b/service/finspacedata/endpoints.go index 7968f6ce183..be4297ded9f 100644 --- a/service/finspacedata/endpoints.go +++ b/service/finspacedata/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/finspacedata/options.go b/service/finspacedata/options.go index 16835bddbf3..ce1e20d6833 100644 --- a/service/finspacedata/options.go +++ b/service/finspacedata/options.go @@ -5,7 +5,6 @@ package finspacedata import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/firehose/api_client.go b/service/firehose/api_client.go index a3b9dd7f3b9..b82b5493162 100644 --- a/service/firehose/api_client.go +++ b/service/firehose/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/firehose/auth.go b/service/firehose/auth.go index c7cb55dffc7..7481cb66ed5 100644 --- a/service/firehose/auth.go +++ b/service/firehose/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/firehose/endpoints.go b/service/firehose/endpoints.go index 0c260bbaeee..eb0a926e753 100644 --- a/service/firehose/endpoints.go +++ b/service/firehose/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/firehose/options.go b/service/firehose/options.go index 29ea67d8e39..3cd93b7b433 100644 --- a/service/firehose/options.go +++ b/service/firehose/options.go @@ -5,7 +5,6 @@ package firehose import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/fis/api_client.go b/service/fis/api_client.go index b0c559248e3..33f8df0c913 100644 --- a/service/fis/api_client.go +++ b/service/fis/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/fis/auth.go b/service/fis/auth.go index c69a3010fcc..1fdfb6d6b58 100644 --- a/service/fis/auth.go +++ b/service/fis/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/fis/endpoints.go b/service/fis/endpoints.go index 86faa495004..6ee556216c9 100644 --- a/service/fis/endpoints.go +++ b/service/fis/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -459,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,9 +487,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -501,7 +497,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/fis/options.go b/service/fis/options.go index e00ee31d151..0e200e39066 100644 --- a/service/fis/options.go +++ b/service/fis/options.go @@ -5,7 +5,6 @@ package fis import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/fms/api_client.go b/service/fms/api_client.go index 9d14c28544f..dc13905d692 100644 --- a/service/fms/api_client.go +++ b/service/fms/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/fms/auth.go b/service/fms/auth.go index c16c72a28f8..2e5e9adeebb 100644 --- a/service/fms/auth.go +++ b/service/fms/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/fms/endpoints.go b/service/fms/endpoints.go index f3d38164777..e062464a0a8 100644 --- a/service/fms/endpoints.go +++ b/service/fms/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/fms/options.go b/service/fms/options.go index 4c0c4394958..2105e2eabb0 100644 --- a/service/fms/options.go +++ b/service/fms/options.go @@ -5,7 +5,6 @@ package fms import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/forecast/api_client.go b/service/forecast/api_client.go index d2a75b2718b..ea72a0e3fbf 100644 --- a/service/forecast/api_client.go +++ b/service/forecast/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/forecast/auth.go b/service/forecast/auth.go index 4aa95fc0259..b8aab0c76bf 100644 --- a/service/forecast/auth.go +++ b/service/forecast/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/forecast/endpoints.go b/service/forecast/endpoints.go index a91d0e0635e..7c2a1805524 100644 --- a/service/forecast/endpoints.go +++ b/service/forecast/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/forecast/options.go b/service/forecast/options.go index df8aecb19f9..0cbc85cecd7 100644 --- a/service/forecast/options.go +++ b/service/forecast/options.go @@ -5,7 +5,6 @@ package forecast import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/forecastquery/api_client.go b/service/forecastquery/api_client.go index 501ae334d47..7da40e8caed 100644 --- a/service/forecastquery/api_client.go +++ b/service/forecastquery/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/forecastquery/auth.go b/service/forecastquery/auth.go index 4e2dd83d5d6..f0bce8c4315 100644 --- a/service/forecastquery/auth.go +++ b/service/forecastquery/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/forecastquery/endpoints.go b/service/forecastquery/endpoints.go index c625bf8ab78..68a4b64dcbc 100644 --- a/service/forecastquery/endpoints.go +++ b/service/forecastquery/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/forecastquery/options.go b/service/forecastquery/options.go index 681f916fef4..bfd8c7ed464 100644 --- a/service/forecastquery/options.go +++ b/service/forecastquery/options.go @@ -5,7 +5,6 @@ package forecastquery import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/frauddetector/api_client.go b/service/frauddetector/api_client.go index 4cbfd990e86..b0b690a2d56 100644 --- a/service/frauddetector/api_client.go +++ b/service/frauddetector/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/frauddetector/auth.go b/service/frauddetector/auth.go index 5f0a891c741..5250dd45969 100644 --- a/service/frauddetector/auth.go +++ b/service/frauddetector/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/frauddetector/endpoints.go b/service/frauddetector/endpoints.go index 0e6ee884a4e..65604deaad1 100644 --- a/service/frauddetector/endpoints.go +++ b/service/frauddetector/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/frauddetector/options.go b/service/frauddetector/options.go index c4e1580e4a5..1d2051b056b 100644 --- a/service/frauddetector/options.go +++ b/service/frauddetector/options.go @@ -5,7 +5,6 @@ package frauddetector import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/freetier/api_client.go b/service/freetier/api_client.go index 1adf6f10fb3..19b4c569a04 100644 --- a/service/freetier/api_client.go +++ b/service/freetier/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/freetier/auth.go b/service/freetier/auth.go index bd587f40233..a0ebc6c9548 100644 --- a/service/freetier/auth.go +++ b/service/freetier/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/freetier/endpoints.go b/service/freetier/endpoints.go index 413dc6b0f11..8e9a6f1a66d 100644 --- a/service/freetier/endpoints.go +++ b/service/freetier/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -525,7 +524,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -553,9 +552,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -566,7 +562,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/freetier/options.go b/service/freetier/options.go index 4b54d0dd3f9..432e3f85ff0 100644 --- a/service/freetier/options.go +++ b/service/freetier/options.go @@ -5,7 +5,6 @@ package freetier import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/fsx/api_client.go b/service/fsx/api_client.go index 9fd4d67a395..4bc87eca7b0 100644 --- a/service/fsx/api_client.go +++ b/service/fsx/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/fsx/auth.go b/service/fsx/auth.go index 55797f24e17..b76fcc777f7 100644 --- a/service/fsx/auth.go +++ b/service/fsx/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/fsx/endpoints.go b/service/fsx/endpoints.go index 2aaaac4e0b9..a6c962ce298 100644 --- a/service/fsx/endpoints.go +++ b/service/fsx/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/fsx/options.go b/service/fsx/options.go index 2aa8ebc6b2b..b5ee9bcef82 100644 --- a/service/fsx/options.go +++ b/service/fsx/options.go @@ -5,7 +5,6 @@ package fsx import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/gamelift/api_client.go b/service/gamelift/api_client.go index 05a53b2964d..9c91f0d2803 100644 --- a/service/gamelift/api_client.go +++ b/service/gamelift/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/gamelift/auth.go b/service/gamelift/auth.go index ca362ac2e28..c94d706bb7e 100644 --- a/service/gamelift/auth.go +++ b/service/gamelift/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/gamelift/endpoints.go b/service/gamelift/endpoints.go index af78f04eb1b..262afb6915a 100644 --- a/service/gamelift/endpoints.go +++ b/service/gamelift/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/gamelift/options.go b/service/gamelift/options.go index 998c8abbf21..e7f7d52575c 100644 --- a/service/gamelift/options.go +++ b/service/gamelift/options.go @@ -5,7 +5,6 @@ package gamelift import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/glacier/api_client.go b/service/glacier/api_client.go index 9a093904b0f..766f83f35ff 100644 --- a/service/glacier/api_client.go +++ b/service/glacier/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/glacier/auth.go b/service/glacier/auth.go index 78b97c182ef..1717f878207 100644 --- a/service/glacier/auth.go +++ b/service/glacier/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/glacier/endpoints.go b/service/glacier/endpoints.go index 7274f3c2a5e..c35e88f098f 100644 --- a/service/glacier/endpoints.go +++ b/service/glacier/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -459,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,9 +487,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -501,7 +497,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/glacier/options.go b/service/glacier/options.go index f224cfc1e66..d2555d6d115 100644 --- a/service/glacier/options.go +++ b/service/glacier/options.go @@ -5,7 +5,6 @@ package glacier import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/globalaccelerator/api_client.go b/service/globalaccelerator/api_client.go index 840d16f8d2c..baf05e611d8 100644 --- a/service/globalaccelerator/api_client.go +++ b/service/globalaccelerator/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/globalaccelerator/auth.go b/service/globalaccelerator/auth.go index 8fa7395cb08..4cd6e297d35 100644 --- a/service/globalaccelerator/auth.go +++ b/service/globalaccelerator/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/globalaccelerator/endpoints.go b/service/globalaccelerator/endpoints.go index 9ebca7327f3..5f0c50b4758 100644 --- a/service/globalaccelerator/endpoints.go +++ b/service/globalaccelerator/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/globalaccelerator/options.go b/service/globalaccelerator/options.go index b304e5d780d..06c47c2a1c4 100644 --- a/service/globalaccelerator/options.go +++ b/service/globalaccelerator/options.go @@ -5,7 +5,6 @@ package globalaccelerator import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/glue/api_client.go b/service/glue/api_client.go index 022130bfb9e..40bd84bb622 100644 --- a/service/glue/api_client.go +++ b/service/glue/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/glue/auth.go b/service/glue/auth.go index 9e8365d3e0c..e4f837742ce 100644 --- a/service/glue/auth.go +++ b/service/glue/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/glue/endpoints.go b/service/glue/endpoints.go index ddb1094b07d..e1334664a32 100644 --- a/service/glue/endpoints.go +++ b/service/glue/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/glue/options.go b/service/glue/options.go index f632f1e0d93..421fb06101a 100644 --- a/service/glue/options.go +++ b/service/glue/options.go @@ -5,7 +5,6 @@ package glue import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/grafana/api_client.go b/service/grafana/api_client.go index 26ecd5d6ba4..1c53c378a3b 100644 --- a/service/grafana/api_client.go +++ b/service/grafana/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/grafana/auth.go b/service/grafana/auth.go index b5c66d2c6d6..336ae476fb6 100644 --- a/service/grafana/auth.go +++ b/service/grafana/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/grafana/endpoints.go b/service/grafana/endpoints.go index d8447a58310..4f7a7328bea 100644 --- a/service/grafana/endpoints.go +++ b/service/grafana/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/grafana/options.go b/service/grafana/options.go index bbc5ceb8680..07343295723 100644 --- a/service/grafana/options.go +++ b/service/grafana/options.go @@ -5,7 +5,6 @@ package grafana import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/greengrass/api_client.go b/service/greengrass/api_client.go index e69f081f5a8..7239e78f5d1 100644 --- a/service/greengrass/api_client.go +++ b/service/greengrass/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/greengrass/auth.go b/service/greengrass/auth.go index 1b3d5c58519..020ca4e3efe 100644 --- a/service/greengrass/auth.go +++ b/service/greengrass/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/greengrass/endpoints.go b/service/greengrass/endpoints.go index a22d8094183..9fdfe69982c 100644 --- a/service/greengrass/endpoints.go +++ b/service/greengrass/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -527,7 +526,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -556,9 +555,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -569,7 +565,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/greengrass/options.go b/service/greengrass/options.go index a73042ff6d9..0d05863cc73 100644 --- a/service/greengrass/options.go +++ b/service/greengrass/options.go @@ -5,7 +5,6 @@ package greengrass import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/greengrassv2/api_client.go b/service/greengrassv2/api_client.go index cb077ae4467..1ab48153aed 100644 --- a/service/greengrassv2/api_client.go +++ b/service/greengrassv2/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/greengrassv2/auth.go b/service/greengrassv2/auth.go index 34208e144a9..e65fd863f17 100644 --- a/service/greengrassv2/auth.go +++ b/service/greengrassv2/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/greengrassv2/endpoints.go b/service/greengrassv2/endpoints.go index 73d046e8068..2d506fe1c1f 100644 --- a/service/greengrassv2/endpoints.go +++ b/service/greengrassv2/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -527,7 +526,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -556,9 +555,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -569,7 +565,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/greengrassv2/options.go b/service/greengrassv2/options.go index 3986cc2eb0f..92d1b73838b 100644 --- a/service/greengrassv2/options.go +++ b/service/greengrassv2/options.go @@ -5,7 +5,6 @@ package greengrassv2 import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/groundstation/api_client.go b/service/groundstation/api_client.go index 3289d77451f..e9bcc1b5cea 100644 --- a/service/groundstation/api_client.go +++ b/service/groundstation/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/groundstation/auth.go b/service/groundstation/auth.go index 2d16a1dfdf6..120c2285305 100644 --- a/service/groundstation/auth.go +++ b/service/groundstation/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/groundstation/endpoints.go b/service/groundstation/endpoints.go index a69cff2324c..29bafc77cb4 100644 --- a/service/groundstation/endpoints.go +++ b/service/groundstation/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/groundstation/options.go b/service/groundstation/options.go index 7a45b361b4e..c744e570d72 100644 --- a/service/groundstation/options.go +++ b/service/groundstation/options.go @@ -5,7 +5,6 @@ package groundstation import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/guardduty/api_client.go b/service/guardduty/api_client.go index e1a4b8fee1f..124e639eb78 100644 --- a/service/guardduty/api_client.go +++ b/service/guardduty/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/guardduty/auth.go b/service/guardduty/auth.go index 2b6dcf938e4..c0187b3da94 100644 --- a/service/guardduty/auth.go +++ b/service/guardduty/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/guardduty/endpoints.go b/service/guardduty/endpoints.go index 14fa189b7df..7af0cb8aa39 100644 --- a/service/guardduty/endpoints.go +++ b/service/guardduty/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -459,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,9 +487,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -501,7 +497,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/guardduty/options.go b/service/guardduty/options.go index 68a28ef92f9..8c40066092d 100644 --- a/service/guardduty/options.go +++ b/service/guardduty/options.go @@ -5,7 +5,6 @@ package guardduty import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/health/api_client.go b/service/health/api_client.go index 719c769ecf1..a5fab6c9875 100644 --- a/service/health/api_client.go +++ b/service/health/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/health/auth.go b/service/health/auth.go index d4b728f2196..4ec1bd7ad99 100644 --- a/service/health/auth.go +++ b/service/health/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/health/endpoints.go b/service/health/endpoints.go index 754f55b168b..7e85ef0093e 100644 --- a/service/health/endpoints.go +++ b/service/health/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -501,7 +500,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -530,9 +529,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -543,7 +539,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/health/options.go b/service/health/options.go index 40f2fb07209..a820fd9d525 100644 --- a/service/health/options.go +++ b/service/health/options.go @@ -5,7 +5,6 @@ package health import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/healthlake/api_client.go b/service/healthlake/api_client.go index eb5739d151b..005ff95cbc3 100644 --- a/service/healthlake/api_client.go +++ b/service/healthlake/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/healthlake/auth.go b/service/healthlake/auth.go index b4b0c3f75e9..41c504098a6 100644 --- a/service/healthlake/auth.go +++ b/service/healthlake/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/healthlake/endpoints.go b/service/healthlake/endpoints.go index c396f0814f0..dcb139b8da2 100644 --- a/service/healthlake/endpoints.go +++ b/service/healthlake/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/healthlake/options.go b/service/healthlake/options.go index 1a02228b9ee..49ab3b42377 100644 --- a/service/healthlake/options.go +++ b/service/healthlake/options.go @@ -5,7 +5,6 @@ package healthlake import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/honeycode/api_client.go b/service/honeycode/api_client.go index dee8e42974e..a5572474d14 100644 --- a/service/honeycode/api_client.go +++ b/service/honeycode/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/honeycode/auth.go b/service/honeycode/auth.go index 3c9a9530e56..0b88434d806 100644 --- a/service/honeycode/auth.go +++ b/service/honeycode/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/honeycode/endpoints.go b/service/honeycode/endpoints.go index 6392cde4202..2105e6d4969 100644 --- a/service/honeycode/endpoints.go +++ b/service/honeycode/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/honeycode/options.go b/service/honeycode/options.go index 4dbc3f2eb65..aee88c423f5 100644 --- a/service/honeycode/options.go +++ b/service/honeycode/options.go @@ -5,7 +5,6 @@ package honeycode import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iam/api_client.go b/service/iam/api_client.go index a5620634648..5d38106aecc 100644 --- a/service/iam/api_client.go +++ b/service/iam/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/iam/auth.go b/service/iam/auth.go index 0f640262008..f7f5917156a 100644 --- a/service/iam/auth.go +++ b/service/iam/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iam/endpoints.go b/service/iam/endpoints.go index 6143ead3884..63c2b352083 100644 --- a/service/iam/endpoints.go +++ b/service/iam/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -747,7 +746,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -776,9 +775,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -789,7 +785,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iam/options.go b/service/iam/options.go index b3885a41925..9dc917618cf 100644 --- a/service/iam/options.go +++ b/service/iam/options.go @@ -5,7 +5,6 @@ package iam import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/identitystore/api_client.go b/service/identitystore/api_client.go index 07017d763cf..89d6c42e671 100644 --- a/service/identitystore/api_client.go +++ b/service/identitystore/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/identitystore/auth.go b/service/identitystore/auth.go index 74793797ece..57fc2a7b377 100644 --- a/service/identitystore/auth.go +++ b/service/identitystore/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/identitystore/endpoints.go b/service/identitystore/endpoints.go index 6a24db5dc8f..5eb3a365867 100644 --- a/service/identitystore/endpoints.go +++ b/service/identitystore/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -459,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,9 +487,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -501,7 +497,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/identitystore/options.go b/service/identitystore/options.go index 698bed42374..4d799bfbe1d 100644 --- a/service/identitystore/options.go +++ b/service/identitystore/options.go @@ -5,7 +5,6 @@ package identitystore import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/imagebuilder/api_client.go b/service/imagebuilder/api_client.go index bd27d34eacf..1675f1a7bdb 100644 --- a/service/imagebuilder/api_client.go +++ b/service/imagebuilder/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/imagebuilder/auth.go b/service/imagebuilder/auth.go index 957668a0a87..a92e040d166 100644 --- a/service/imagebuilder/auth.go +++ b/service/imagebuilder/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/imagebuilder/endpoints.go b/service/imagebuilder/endpoints.go index 7bd6d1212ad..66b5621ed49 100644 --- a/service/imagebuilder/endpoints.go +++ b/service/imagebuilder/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -459,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,9 +487,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -501,7 +497,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/imagebuilder/options.go b/service/imagebuilder/options.go index 57b3b9c87d8..8d6360bb408 100644 --- a/service/imagebuilder/options.go +++ b/service/imagebuilder/options.go @@ -5,7 +5,6 @@ package imagebuilder import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/inspector/api_client.go b/service/inspector/api_client.go index 28529aa67c1..f4d1ff8b807 100644 --- a/service/inspector/api_client.go +++ b/service/inspector/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/inspector/auth.go b/service/inspector/auth.go index 7c55b40e3ba..60736093ef4 100644 --- a/service/inspector/auth.go +++ b/service/inspector/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/inspector/endpoints.go b/service/inspector/endpoints.go index 8eae7cec96e..49706fcfd59 100644 --- a/service/inspector/endpoints.go +++ b/service/inspector/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/inspector/options.go b/service/inspector/options.go index d052c8462fd..61d1610916f 100644 --- a/service/inspector/options.go +++ b/service/inspector/options.go @@ -5,7 +5,6 @@ package inspector import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/inspector2/api_client.go b/service/inspector2/api_client.go index 98a963ced69..9afceaf2f10 100644 --- a/service/inspector2/api_client.go +++ b/service/inspector2/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/inspector2/auth.go b/service/inspector2/auth.go index 8233cfa658f..300dff2a278 100644 --- a/service/inspector2/auth.go +++ b/service/inspector2/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/inspector2/endpoints.go b/service/inspector2/endpoints.go index 2cd53d6144b..813f2583447 100644 --- a/service/inspector2/endpoints.go +++ b/service/inspector2/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/inspector2/options.go b/service/inspector2/options.go index 738ef120ed0..7f2ffd7de25 100644 --- a/service/inspector2/options.go +++ b/service/inspector2/options.go @@ -5,7 +5,6 @@ package inspector2 import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/inspectorscan/api_client.go b/service/inspectorscan/api_client.go index 8113c3cd85a..3b146a7116a 100644 --- a/service/inspectorscan/api_client.go +++ b/service/inspectorscan/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/inspectorscan/auth.go b/service/inspectorscan/auth.go index 393895e9c6f..e81c82b2a7a 100644 --- a/service/inspectorscan/auth.go +++ b/service/inspectorscan/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/inspectorscan/endpoints.go b/service/inspectorscan/endpoints.go index 01ec65c66e2..c58eb1dca39 100644 --- a/service/inspectorscan/endpoints.go +++ b/service/inspectorscan/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/inspectorscan/options.go b/service/inspectorscan/options.go index f453f4ad4eb..bb5adfd027c 100644 --- a/service/inspectorscan/options.go +++ b/service/inspectorscan/options.go @@ -5,7 +5,6 @@ package inspectorscan import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/internetmonitor/api_client.go b/service/internetmonitor/api_client.go index 9e0d83b48d5..c31b53565d3 100644 --- a/service/internetmonitor/api_client.go +++ b/service/internetmonitor/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/internetmonitor/auth.go b/service/internetmonitor/auth.go index e097047cc71..1b9db4666d2 100644 --- a/service/internetmonitor/auth.go +++ b/service/internetmonitor/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/internetmonitor/endpoints.go b/service/internetmonitor/endpoints.go index 944339f1863..ce1031950a0 100644 --- a/service/internetmonitor/endpoints.go +++ b/service/internetmonitor/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/internetmonitor/options.go b/service/internetmonitor/options.go index e4c661e18b9..eb145a63961 100644 --- a/service/internetmonitor/options.go +++ b/service/internetmonitor/options.go @@ -5,7 +5,6 @@ package internetmonitor import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iot/api_client.go b/service/iot/api_client.go index ef28b4127f1..519b3ec012f 100644 --- a/service/iot/api_client.go +++ b/service/iot/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/iot/auth.go b/service/iot/auth.go index f9d9f22f2a6..f93b65e53b8 100644 --- a/service/iot/auth.go +++ b/service/iot/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iot/endpoints.go b/service/iot/endpoints.go index e56611aa813..8367227ea33 100644 --- a/service/iot/endpoints.go +++ b/service/iot/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -497,7 +496,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -526,9 +525,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -539,7 +535,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iot/options.go b/service/iot/options.go index 84ba066d1cd..199ca1c2b5f 100644 --- a/service/iot/options.go +++ b/service/iot/options.go @@ -5,7 +5,6 @@ package iot import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iot1clickdevicesservice/api_client.go b/service/iot1clickdevicesservice/api_client.go index 19aa1075625..3c7b030d2c9 100644 --- a/service/iot1clickdevicesservice/api_client.go +++ b/service/iot1clickdevicesservice/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/iot1clickdevicesservice/auth.go b/service/iot1clickdevicesservice/auth.go index 76797d9d941..5a87b0f6beb 100644 --- a/service/iot1clickdevicesservice/auth.go +++ b/service/iot1clickdevicesservice/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iot1clickdevicesservice/endpoints.go b/service/iot1clickdevicesservice/endpoints.go index 75af27c2183..60f57289c70 100644 --- a/service/iot1clickdevicesservice/endpoints.go +++ b/service/iot1clickdevicesservice/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iot1clickdevicesservice/options.go b/service/iot1clickdevicesservice/options.go index 1497b53e2ac..2fa8d97b754 100644 --- a/service/iot1clickdevicesservice/options.go +++ b/service/iot1clickdevicesservice/options.go @@ -5,7 +5,6 @@ package iot1clickdevicesservice import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iot1clickprojects/api_client.go b/service/iot1clickprojects/api_client.go index 1f8335aa251..df1f9a7b0d7 100644 --- a/service/iot1clickprojects/api_client.go +++ b/service/iot1clickprojects/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/iot1clickprojects/auth.go b/service/iot1clickprojects/auth.go index 31b1e47cb6f..be8461a7418 100644 --- a/service/iot1clickprojects/auth.go +++ b/service/iot1clickprojects/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iot1clickprojects/endpoints.go b/service/iot1clickprojects/endpoints.go index 9bc22b1ca61..0d46c10c042 100644 --- a/service/iot1clickprojects/endpoints.go +++ b/service/iot1clickprojects/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iot1clickprojects/options.go b/service/iot1clickprojects/options.go index e7c5a140707..c13808d2377 100644 --- a/service/iot1clickprojects/options.go +++ b/service/iot1clickprojects/options.go @@ -5,7 +5,6 @@ package iot1clickprojects import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iotanalytics/api_client.go b/service/iotanalytics/api_client.go index 764ab59e1b4..492acc2b50c 100644 --- a/service/iotanalytics/api_client.go +++ b/service/iotanalytics/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/iotanalytics/auth.go b/service/iotanalytics/auth.go index 9c1ffe3ad40..5e1bc48b217 100644 --- a/service/iotanalytics/auth.go +++ b/service/iotanalytics/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iotanalytics/endpoints.go b/service/iotanalytics/endpoints.go index ec1def4e798..a8012603e23 100644 --- a/service/iotanalytics/endpoints.go +++ b/service/iotanalytics/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iotanalytics/options.go b/service/iotanalytics/options.go index 5ab6d8b37b6..ab3fe3f26d8 100644 --- a/service/iotanalytics/options.go +++ b/service/iotanalytics/options.go @@ -5,7 +5,6 @@ package iotanalytics import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iotdataplane/api_client.go b/service/iotdataplane/api_client.go index 86931fb7718..3818b6fd2d4 100644 --- a/service/iotdataplane/api_client.go +++ b/service/iotdataplane/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/iotdataplane/auth.go b/service/iotdataplane/auth.go index b44e7c29010..bcd7e31a15a 100644 --- a/service/iotdataplane/auth.go +++ b/service/iotdataplane/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iotdataplane/endpoints.go b/service/iotdataplane/endpoints.go index 484fc61a08b..b2d9a25e950 100644 --- a/service/iotdataplane/endpoints.go +++ b/service/iotdataplane/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -601,7 +600,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -630,9 +629,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -643,7 +639,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iotdataplane/options.go b/service/iotdataplane/options.go index c3e316bb4c6..8e802fe6d09 100644 --- a/service/iotdataplane/options.go +++ b/service/iotdataplane/options.go @@ -5,7 +5,6 @@ package iotdataplane import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iotdeviceadvisor/api_client.go b/service/iotdeviceadvisor/api_client.go index edca3bdf219..25496ac786d 100644 --- a/service/iotdeviceadvisor/api_client.go +++ b/service/iotdeviceadvisor/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/iotdeviceadvisor/auth.go b/service/iotdeviceadvisor/auth.go index 043b213dde7..f0aac369978 100644 --- a/service/iotdeviceadvisor/auth.go +++ b/service/iotdeviceadvisor/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iotdeviceadvisor/endpoints.go b/service/iotdeviceadvisor/endpoints.go index 8523b83a3f0..b9c2f06076f 100644 --- a/service/iotdeviceadvisor/endpoints.go +++ b/service/iotdeviceadvisor/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iotdeviceadvisor/options.go b/service/iotdeviceadvisor/options.go index 1f11b11a428..caba27c91ba 100644 --- a/service/iotdeviceadvisor/options.go +++ b/service/iotdeviceadvisor/options.go @@ -5,7 +5,6 @@ package iotdeviceadvisor import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iotevents/api_client.go b/service/iotevents/api_client.go index e254e9a5427..c9d98db9733 100644 --- a/service/iotevents/api_client.go +++ b/service/iotevents/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/iotevents/auth.go b/service/iotevents/auth.go index 5e6c1fd0277..939517f776b 100644 --- a/service/iotevents/auth.go +++ b/service/iotevents/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iotevents/endpoints.go b/service/iotevents/endpoints.go index ec87ffb8005..9066eef1a3a 100644 --- a/service/iotevents/endpoints.go +++ b/service/iotevents/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iotevents/options.go b/service/iotevents/options.go index eeacf9e2596..27666fc52a3 100644 --- a/service/iotevents/options.go +++ b/service/iotevents/options.go @@ -5,7 +5,6 @@ package iotevents import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ioteventsdata/api_client.go b/service/ioteventsdata/api_client.go index 723ac1299af..d95a7b2511c 100644 --- a/service/ioteventsdata/api_client.go +++ b/service/ioteventsdata/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/ioteventsdata/auth.go b/service/ioteventsdata/auth.go index 36c655c7129..2c70588bff5 100644 --- a/service/ioteventsdata/auth.go +++ b/service/ioteventsdata/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ioteventsdata/endpoints.go b/service/ioteventsdata/endpoints.go index f9624a36cd3..69501db45c5 100644 --- a/service/ioteventsdata/endpoints.go +++ b/service/ioteventsdata/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ioteventsdata/options.go b/service/ioteventsdata/options.go index 2dcb2b48852..a3338820dd7 100644 --- a/service/ioteventsdata/options.go +++ b/service/ioteventsdata/options.go @@ -5,7 +5,6 @@ package ioteventsdata import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iotfleethub/api_client.go b/service/iotfleethub/api_client.go index b04b6de5932..229e658030d 100644 --- a/service/iotfleethub/api_client.go +++ b/service/iotfleethub/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/iotfleethub/auth.go b/service/iotfleethub/auth.go index 4058e712271..0d2df7e3252 100644 --- a/service/iotfleethub/auth.go +++ b/service/iotfleethub/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iotfleethub/endpoints.go b/service/iotfleethub/endpoints.go index 2a927eb6c65..f7ebf1b67dc 100644 --- a/service/iotfleethub/endpoints.go +++ b/service/iotfleethub/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iotfleethub/options.go b/service/iotfleethub/options.go index d1fe1499ccb..5914b462b71 100644 --- a/service/iotfleethub/options.go +++ b/service/iotfleethub/options.go @@ -5,7 +5,6 @@ package iotfleethub import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iotfleetwise/api_client.go b/service/iotfleetwise/api_client.go index 3d0b18ebe20..f12a101247d 100644 --- a/service/iotfleetwise/api_client.go +++ b/service/iotfleetwise/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/iotfleetwise/auth.go b/service/iotfleetwise/auth.go index ec6773e73de..de7d6acd364 100644 --- a/service/iotfleetwise/auth.go +++ b/service/iotfleetwise/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iotfleetwise/endpoints.go b/service/iotfleetwise/endpoints.go index 6484d0e5ea7..a1250878f0f 100644 --- a/service/iotfleetwise/endpoints.go +++ b/service/iotfleetwise/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iotfleetwise/options.go b/service/iotfleetwise/options.go index f5b70e35507..3bc794cb501 100644 --- a/service/iotfleetwise/options.go +++ b/service/iotfleetwise/options.go @@ -5,7 +5,6 @@ package iotfleetwise import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iotjobsdataplane/api_client.go b/service/iotjobsdataplane/api_client.go index 608d8ba8414..9cf1529cc03 100644 --- a/service/iotjobsdataplane/api_client.go +++ b/service/iotjobsdataplane/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/iotjobsdataplane/auth.go b/service/iotjobsdataplane/auth.go index 8a754ee0a35..a6801b8c1b4 100644 --- a/service/iotjobsdataplane/auth.go +++ b/service/iotjobsdataplane/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iotjobsdataplane/endpoints.go b/service/iotjobsdataplane/endpoints.go index aebf183c851..43020833366 100644 --- a/service/iotjobsdataplane/endpoints.go +++ b/service/iotjobsdataplane/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iotjobsdataplane/options.go b/service/iotjobsdataplane/options.go index 4f01b59ca2b..036fc7d5a3d 100644 --- a/service/iotjobsdataplane/options.go +++ b/service/iotjobsdataplane/options.go @@ -5,7 +5,6 @@ package iotjobsdataplane import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iotroborunner/api_client.go b/service/iotroborunner/api_client.go index 9cb8966fa6d..0c17961849b 100644 --- a/service/iotroborunner/api_client.go +++ b/service/iotroborunner/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/iotroborunner/auth.go b/service/iotroborunner/auth.go index 279237c241d..697a1a31481 100644 --- a/service/iotroborunner/auth.go +++ b/service/iotroborunner/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iotroborunner/endpoints.go b/service/iotroborunner/endpoints.go index 9f43d0873de..284143f194c 100644 --- a/service/iotroborunner/endpoints.go +++ b/service/iotroborunner/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iotroborunner/options.go b/service/iotroborunner/options.go index d4adc8d0b1d..66da194453c 100644 --- a/service/iotroborunner/options.go +++ b/service/iotroborunner/options.go @@ -5,7 +5,6 @@ package iotroborunner import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iotsecuretunneling/api_client.go b/service/iotsecuretunneling/api_client.go index 32711d1629e..4b053479eb6 100644 --- a/service/iotsecuretunneling/api_client.go +++ b/service/iotsecuretunneling/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/iotsecuretunneling/auth.go b/service/iotsecuretunneling/auth.go index 9673aa03f2e..d12b1128098 100644 --- a/service/iotsecuretunneling/auth.go +++ b/service/iotsecuretunneling/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iotsecuretunneling/endpoints.go b/service/iotsecuretunneling/endpoints.go index 0e1cd27f691..51a1262646c 100644 --- a/service/iotsecuretunneling/endpoints.go +++ b/service/iotsecuretunneling/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iotsecuretunneling/options.go b/service/iotsecuretunneling/options.go index d0ae283bb62..25e5ad67504 100644 --- a/service/iotsecuretunneling/options.go +++ b/service/iotsecuretunneling/options.go @@ -5,7 +5,6 @@ package iotsecuretunneling import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iotsitewise/api_client.go b/service/iotsitewise/api_client.go index 2b7f1ce27bf..d41c68d0b0a 100644 --- a/service/iotsitewise/api_client.go +++ b/service/iotsitewise/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/iotsitewise/auth.go b/service/iotsitewise/auth.go index a959966abfa..95d3461977a 100644 --- a/service/iotsitewise/auth.go +++ b/service/iotsitewise/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iotsitewise/endpoints.go b/service/iotsitewise/endpoints.go index 3e9b2fd669b..ef281df7d4c 100644 --- a/service/iotsitewise/endpoints.go +++ b/service/iotsitewise/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iotsitewise/options.go b/service/iotsitewise/options.go index da029166a24..af7c6568caf 100644 --- a/service/iotsitewise/options.go +++ b/service/iotsitewise/options.go @@ -5,7 +5,6 @@ package iotsitewise import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iotthingsgraph/api_client.go b/service/iotthingsgraph/api_client.go index 7724e97130e..bfc8e4f9899 100644 --- a/service/iotthingsgraph/api_client.go +++ b/service/iotthingsgraph/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/iotthingsgraph/auth.go b/service/iotthingsgraph/auth.go index 3e484c33eac..e921eea19a9 100644 --- a/service/iotthingsgraph/auth.go +++ b/service/iotthingsgraph/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iotthingsgraph/endpoints.go b/service/iotthingsgraph/endpoints.go index 54c41e0d059..0fcd54ff137 100644 --- a/service/iotthingsgraph/endpoints.go +++ b/service/iotthingsgraph/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -459,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,9 +487,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -501,7 +497,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iotthingsgraph/options.go b/service/iotthingsgraph/options.go index 7026e66fe39..489330e364f 100644 --- a/service/iotthingsgraph/options.go +++ b/service/iotthingsgraph/options.go @@ -5,7 +5,6 @@ package iotthingsgraph import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iottwinmaker/api_client.go b/service/iottwinmaker/api_client.go index 8e5d48f1ddd..cc32e441eb0 100644 --- a/service/iottwinmaker/api_client.go +++ b/service/iottwinmaker/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/iottwinmaker/auth.go b/service/iottwinmaker/auth.go index e5abb12f1f4..4082445a598 100644 --- a/service/iottwinmaker/auth.go +++ b/service/iottwinmaker/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iottwinmaker/endpoints.go b/service/iottwinmaker/endpoints.go index 9a47d984d65..8837e37acd5 100644 --- a/service/iottwinmaker/endpoints.go +++ b/service/iottwinmaker/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iottwinmaker/options.go b/service/iottwinmaker/options.go index c3acc8d641f..b383a8eefbd 100644 --- a/service/iottwinmaker/options.go +++ b/service/iottwinmaker/options.go @@ -5,7 +5,6 @@ package iottwinmaker import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iotwireless/api_client.go b/service/iotwireless/api_client.go index 16f8d3a9bfb..f1af554281f 100644 --- a/service/iotwireless/api_client.go +++ b/service/iotwireless/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/iotwireless/auth.go b/service/iotwireless/auth.go index f2d0f696017..e1533afc719 100644 --- a/service/iotwireless/auth.go +++ b/service/iotwireless/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iotwireless/endpoints.go b/service/iotwireless/endpoints.go index 73eb5a8c254..859c2c601fb 100644 --- a/service/iotwireless/endpoints.go +++ b/service/iotwireless/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iotwireless/options.go b/service/iotwireless/options.go index 64f45aa952f..e09b0f114a6 100644 --- a/service/iotwireless/options.go +++ b/service/iotwireless/options.go @@ -5,7 +5,6 @@ package iotwireless import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ivs/api_client.go b/service/ivs/api_client.go index eb409a4ecfb..407e79125d3 100644 --- a/service/ivs/api_client.go +++ b/service/ivs/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/ivs/auth.go b/service/ivs/auth.go index 65731d3d421..f9c868d5f5b 100644 --- a/service/ivs/auth.go +++ b/service/ivs/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ivs/endpoints.go b/service/ivs/endpoints.go index b1234b2e268..fa87921e9d2 100644 --- a/service/ivs/endpoints.go +++ b/service/ivs/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ivs/options.go b/service/ivs/options.go index e95aafcd7ad..42de105a27b 100644 --- a/service/ivs/options.go +++ b/service/ivs/options.go @@ -5,7 +5,6 @@ package ivs import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ivschat/api_client.go b/service/ivschat/api_client.go index a389fc13bf2..70c10bcbbd4 100644 --- a/service/ivschat/api_client.go +++ b/service/ivschat/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/ivschat/auth.go b/service/ivschat/auth.go index 1b9cf687fc3..8a7d30529c1 100644 --- a/service/ivschat/auth.go +++ b/service/ivschat/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ivschat/endpoints.go b/service/ivschat/endpoints.go index 79f49ead956..c35c7072cca 100644 --- a/service/ivschat/endpoints.go +++ b/service/ivschat/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ivschat/options.go b/service/ivschat/options.go index 5b2f0a3387c..5ac40291045 100644 --- a/service/ivschat/options.go +++ b/service/ivschat/options.go @@ -5,7 +5,6 @@ package ivschat import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ivsrealtime/api_client.go b/service/ivsrealtime/api_client.go index 1d77133ca3c..f0d26f99e1c 100644 --- a/service/ivsrealtime/api_client.go +++ b/service/ivsrealtime/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/ivsrealtime/auth.go b/service/ivsrealtime/auth.go index 4b4eebb5973..68eb6c1b273 100644 --- a/service/ivsrealtime/auth.go +++ b/service/ivsrealtime/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ivsrealtime/endpoints.go b/service/ivsrealtime/endpoints.go index ed2c7a7d4e3..464a425df6b 100644 --- a/service/ivsrealtime/endpoints.go +++ b/service/ivsrealtime/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ivsrealtime/options.go b/service/ivsrealtime/options.go index d42496a9f01..fe1efedca94 100644 --- a/service/ivsrealtime/options.go +++ b/service/ivsrealtime/options.go @@ -5,7 +5,6 @@ package ivsrealtime import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/kafka/api_client.go b/service/kafka/api_client.go index 4d531f3a8a2..ddd2ad02516 100644 --- a/service/kafka/api_client.go +++ b/service/kafka/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/kafka/auth.go b/service/kafka/auth.go index c9a9e8ef520..01c30d877a0 100644 --- a/service/kafka/auth.go +++ b/service/kafka/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/kafka/endpoints.go b/service/kafka/endpoints.go index 9e4e90a54a9..2918c72bf42 100644 --- a/service/kafka/endpoints.go +++ b/service/kafka/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -459,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,9 +487,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -501,7 +497,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/kafka/options.go b/service/kafka/options.go index b4606c49244..54a2483b5ed 100644 --- a/service/kafka/options.go +++ b/service/kafka/options.go @@ -5,7 +5,6 @@ package kafka import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/kafkaconnect/api_client.go b/service/kafkaconnect/api_client.go index c9ff7c10b2d..81d5230e4b8 100644 --- a/service/kafkaconnect/api_client.go +++ b/service/kafkaconnect/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/kafkaconnect/auth.go b/service/kafkaconnect/auth.go index aa6d8619171..75479b40336 100644 --- a/service/kafkaconnect/auth.go +++ b/service/kafkaconnect/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/kafkaconnect/endpoints.go b/service/kafkaconnect/endpoints.go index a3723ce5ebb..5cd226f485f 100644 --- a/service/kafkaconnect/endpoints.go +++ b/service/kafkaconnect/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/kafkaconnect/options.go b/service/kafkaconnect/options.go index 9fafac0b65d..fdedd8301b6 100644 --- a/service/kafkaconnect/options.go +++ b/service/kafkaconnect/options.go @@ -5,7 +5,6 @@ package kafkaconnect import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/kendra/api_client.go b/service/kendra/api_client.go index 6c52e3ebe2c..1b8d9916446 100644 --- a/service/kendra/api_client.go +++ b/service/kendra/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/kendra/auth.go b/service/kendra/auth.go index e7365135e54..0f13f7f8a0a 100644 --- a/service/kendra/auth.go +++ b/service/kendra/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/kendra/endpoints.go b/service/kendra/endpoints.go index 828d9bd9ac8..7a3d474e2fc 100644 --- a/service/kendra/endpoints.go +++ b/service/kendra/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/kendra/options.go b/service/kendra/options.go index 560aa6a725d..8e9db820070 100644 --- a/service/kendra/options.go +++ b/service/kendra/options.go @@ -5,7 +5,6 @@ package kendra import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/kendraranking/api_client.go b/service/kendraranking/api_client.go index 6ece037dc22..a1ae08835d4 100644 --- a/service/kendraranking/api_client.go +++ b/service/kendraranking/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/kendraranking/auth.go b/service/kendraranking/auth.go index a6c14361905..30fcdd4b20c 100644 --- a/service/kendraranking/auth.go +++ b/service/kendraranking/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/kendraranking/endpoints.go b/service/kendraranking/endpoints.go index 63d1d1f9a08..ba740265be8 100644 --- a/service/kendraranking/endpoints.go +++ b/service/kendraranking/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -412,7 +411,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -440,9 +439,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -453,7 +449,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/kendraranking/options.go b/service/kendraranking/options.go index ea77efa8f3d..5aab840a035 100644 --- a/service/kendraranking/options.go +++ b/service/kendraranking/options.go @@ -5,7 +5,6 @@ package kendraranking import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/keyspaces/api_client.go b/service/keyspaces/api_client.go index 7d01973180c..2fed93d4d2e 100644 --- a/service/keyspaces/api_client.go +++ b/service/keyspaces/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/keyspaces/auth.go b/service/keyspaces/auth.go index da889c0cca8..56b83a4a676 100644 --- a/service/keyspaces/auth.go +++ b/service/keyspaces/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/keyspaces/endpoints.go b/service/keyspaces/endpoints.go index 19a0c547801..66c8c2e2cef 100644 --- a/service/keyspaces/endpoints.go +++ b/service/keyspaces/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -459,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,9 +487,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -501,7 +497,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/keyspaces/options.go b/service/keyspaces/options.go index 6a73d684298..1cf9545f6fe 100644 --- a/service/keyspaces/options.go +++ b/service/keyspaces/options.go @@ -5,7 +5,6 @@ package keyspaces import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/kinesis/api_client.go b/service/kinesis/api_client.go index c17ad5c3a8a..e5903efe291 100644 --- a/service/kinesis/api_client.go +++ b/service/kinesis/api_client.go @@ -231,16 +231,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/kinesis/auth.go b/service/kinesis/auth.go index 769a34f5d17..0702f8afad6 100644 --- a/service/kinesis/auth.go +++ b/service/kinesis/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/kinesis/endpoints.go b/service/kinesis/endpoints.go index 1b649f70fa9..481add9802a 100644 --- a/service/kinesis/endpoints.go +++ b/service/kinesis/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -1015,7 +1014,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -1044,9 +1043,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -1057,7 +1053,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/kinesis/options.go b/service/kinesis/options.go index ecd387359dc..155ced3b14e 100644 --- a/service/kinesis/options.go +++ b/service/kinesis/options.go @@ -5,7 +5,6 @@ package kinesis import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/kinesisanalytics/api_client.go b/service/kinesisanalytics/api_client.go index 4ca4159250b..001245171df 100644 --- a/service/kinesisanalytics/api_client.go +++ b/service/kinesisanalytics/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/kinesisanalytics/auth.go b/service/kinesisanalytics/auth.go index 320bee298c6..b588328b8fb 100644 --- a/service/kinesisanalytics/auth.go +++ b/service/kinesisanalytics/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/kinesisanalytics/endpoints.go b/service/kinesisanalytics/endpoints.go index bac8fc37a18..e8516117c18 100644 --- a/service/kinesisanalytics/endpoints.go +++ b/service/kinesisanalytics/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/kinesisanalytics/options.go b/service/kinesisanalytics/options.go index 4966606d254..678065e55f0 100644 --- a/service/kinesisanalytics/options.go +++ b/service/kinesisanalytics/options.go @@ -5,7 +5,6 @@ package kinesisanalytics import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/kinesisanalyticsv2/api_client.go b/service/kinesisanalyticsv2/api_client.go index c7bb1c6ac81..c911134ef43 100644 --- a/service/kinesisanalyticsv2/api_client.go +++ b/service/kinesisanalyticsv2/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/kinesisanalyticsv2/auth.go b/service/kinesisanalyticsv2/auth.go index 6dbf122c0d3..72d79992f4e 100644 --- a/service/kinesisanalyticsv2/auth.go +++ b/service/kinesisanalyticsv2/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/kinesisanalyticsv2/endpoints.go b/service/kinesisanalyticsv2/endpoints.go index f6a153b7777..764a42dc0eb 100644 --- a/service/kinesisanalyticsv2/endpoints.go +++ b/service/kinesisanalyticsv2/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/kinesisanalyticsv2/options.go b/service/kinesisanalyticsv2/options.go index ada53257f10..5feab711b94 100644 --- a/service/kinesisanalyticsv2/options.go +++ b/service/kinesisanalyticsv2/options.go @@ -5,7 +5,6 @@ package kinesisanalyticsv2 import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/kinesisvideo/api_client.go b/service/kinesisvideo/api_client.go index 861132daee5..73258f4b0a5 100644 --- a/service/kinesisvideo/api_client.go +++ b/service/kinesisvideo/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/kinesisvideo/auth.go b/service/kinesisvideo/auth.go index 1c9a2cf3363..8d90b1f6265 100644 --- a/service/kinesisvideo/auth.go +++ b/service/kinesisvideo/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/kinesisvideo/endpoints.go b/service/kinesisvideo/endpoints.go index edd988ecb14..04994a1ef9c 100644 --- a/service/kinesisvideo/endpoints.go +++ b/service/kinesisvideo/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/kinesisvideo/options.go b/service/kinesisvideo/options.go index 98a72578499..92065738972 100644 --- a/service/kinesisvideo/options.go +++ b/service/kinesisvideo/options.go @@ -5,7 +5,6 @@ package kinesisvideo import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/kinesisvideoarchivedmedia/api_client.go b/service/kinesisvideoarchivedmedia/api_client.go index 12fdee2f701..02f3104137d 100644 --- a/service/kinesisvideoarchivedmedia/api_client.go +++ b/service/kinesisvideoarchivedmedia/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/kinesisvideoarchivedmedia/auth.go b/service/kinesisvideoarchivedmedia/auth.go index 58bd760e8d4..320e348943a 100644 --- a/service/kinesisvideoarchivedmedia/auth.go +++ b/service/kinesisvideoarchivedmedia/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/kinesisvideoarchivedmedia/endpoints.go b/service/kinesisvideoarchivedmedia/endpoints.go index 34378ac26b6..0980accef36 100644 --- a/service/kinesisvideoarchivedmedia/endpoints.go +++ b/service/kinesisvideoarchivedmedia/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/kinesisvideoarchivedmedia/options.go b/service/kinesisvideoarchivedmedia/options.go index a4dfe627b49..b277a36e668 100644 --- a/service/kinesisvideoarchivedmedia/options.go +++ b/service/kinesisvideoarchivedmedia/options.go @@ -5,7 +5,6 @@ package kinesisvideoarchivedmedia import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/kinesisvideomedia/api_client.go b/service/kinesisvideomedia/api_client.go index 8ae8c3c2909..57d1add87f2 100644 --- a/service/kinesisvideomedia/api_client.go +++ b/service/kinesisvideomedia/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/kinesisvideomedia/auth.go b/service/kinesisvideomedia/auth.go index 27c4d7bac73..08ed5503a49 100644 --- a/service/kinesisvideomedia/auth.go +++ b/service/kinesisvideomedia/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/kinesisvideomedia/endpoints.go b/service/kinesisvideomedia/endpoints.go index 22f0e356099..f45a74cbe28 100644 --- a/service/kinesisvideomedia/endpoints.go +++ b/service/kinesisvideomedia/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/kinesisvideomedia/options.go b/service/kinesisvideomedia/options.go index 7316206cc72..f8da0363744 100644 --- a/service/kinesisvideomedia/options.go +++ b/service/kinesisvideomedia/options.go @@ -5,7 +5,6 @@ package kinesisvideomedia import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/kinesisvideosignaling/api_client.go b/service/kinesisvideosignaling/api_client.go index 593a956d57b..abeb789548c 100644 --- a/service/kinesisvideosignaling/api_client.go +++ b/service/kinesisvideosignaling/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/kinesisvideosignaling/auth.go b/service/kinesisvideosignaling/auth.go index 779b65e83cf..33d74b57825 100644 --- a/service/kinesisvideosignaling/auth.go +++ b/service/kinesisvideosignaling/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/kinesisvideosignaling/endpoints.go b/service/kinesisvideosignaling/endpoints.go index 8259740c259..775e4688bdb 100644 --- a/service/kinesisvideosignaling/endpoints.go +++ b/service/kinesisvideosignaling/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/kinesisvideosignaling/options.go b/service/kinesisvideosignaling/options.go index ad31b1451ac..adbe7cd35e6 100644 --- a/service/kinesisvideosignaling/options.go +++ b/service/kinesisvideosignaling/options.go @@ -5,7 +5,6 @@ package kinesisvideosignaling import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/kinesisvideowebrtcstorage/api_client.go b/service/kinesisvideowebrtcstorage/api_client.go index fbae5120a9c..a8242ccb12b 100644 --- a/service/kinesisvideowebrtcstorage/api_client.go +++ b/service/kinesisvideowebrtcstorage/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/kinesisvideowebrtcstorage/auth.go b/service/kinesisvideowebrtcstorage/auth.go index cce746de842..6ccefb2a3b0 100644 --- a/service/kinesisvideowebrtcstorage/auth.go +++ b/service/kinesisvideowebrtcstorage/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/kinesisvideowebrtcstorage/endpoints.go b/service/kinesisvideowebrtcstorage/endpoints.go index 1c23f4bbc06..752c853c2f7 100644 --- a/service/kinesisvideowebrtcstorage/endpoints.go +++ b/service/kinesisvideowebrtcstorage/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/kinesisvideowebrtcstorage/options.go b/service/kinesisvideowebrtcstorage/options.go index 08c810627ac..31c132932f3 100644 --- a/service/kinesisvideowebrtcstorage/options.go +++ b/service/kinesisvideowebrtcstorage/options.go @@ -5,7 +5,6 @@ package kinesisvideowebrtcstorage import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/kms/api_client.go b/service/kms/api_client.go index ca4ae7eaff1..d1af622670f 100644 --- a/service/kms/api_client.go +++ b/service/kms/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/kms/auth.go b/service/kms/auth.go index b9f4aeb519a..16619a43751 100644 --- a/service/kms/auth.go +++ b/service/kms/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/kms/endpoints.go b/service/kms/endpoints.go index 5fdbb917c83..0538b4ef969 100644 --- a/service/kms/endpoints.go +++ b/service/kms/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/kms/options.go b/service/kms/options.go index a02f191ee59..b24e2565947 100644 --- a/service/kms/options.go +++ b/service/kms/options.go @@ -5,7 +5,6 @@ package kms import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/lakeformation/api_client.go b/service/lakeformation/api_client.go index aea3281c388..53da5289e06 100644 --- a/service/lakeformation/api_client.go +++ b/service/lakeformation/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/lakeformation/auth.go b/service/lakeformation/auth.go index 1d1b86d0319..7091cfcb8f3 100644 --- a/service/lakeformation/auth.go +++ b/service/lakeformation/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/lakeformation/endpoints.go b/service/lakeformation/endpoints.go index 900b588c610..a4fdec742d0 100644 --- a/service/lakeformation/endpoints.go +++ b/service/lakeformation/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/lakeformation/options.go b/service/lakeformation/options.go index 9f787e2a1b2..012d57d12fa 100644 --- a/service/lakeformation/options.go +++ b/service/lakeformation/options.go @@ -5,7 +5,6 @@ package lakeformation import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/lambda/api_client.go b/service/lambda/api_client.go index a974b1eb951..13b202fb74d 100644 --- a/service/lambda/api_client.go +++ b/service/lambda/api_client.go @@ -231,16 +231,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/lambda/auth.go b/service/lambda/auth.go index fc70bdaa313..200f694bbba 100644 --- a/service/lambda/auth.go +++ b/service/lambda/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/lambda/endpoints.go b/service/lambda/endpoints.go index 2997f15fb52..0af3882c89a 100644 --- a/service/lambda/endpoints.go +++ b/service/lambda/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/lambda/options.go b/service/lambda/options.go index 20014985ab6..e76e46c8a01 100644 --- a/service/lambda/options.go +++ b/service/lambda/options.go @@ -5,7 +5,6 @@ package lambda import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/launchwizard/api_client.go b/service/launchwizard/api_client.go index ad61b0beb95..edeb3e75dc7 100644 --- a/service/launchwizard/api_client.go +++ b/service/launchwizard/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/launchwizard/auth.go b/service/launchwizard/auth.go index 25164250c94..02543832307 100644 --- a/service/launchwizard/auth.go +++ b/service/launchwizard/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/launchwizard/endpoints.go b/service/launchwizard/endpoints.go index 002f828a81f..18335ddcb88 100644 --- a/service/launchwizard/endpoints.go +++ b/service/launchwizard/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/launchwizard/options.go b/service/launchwizard/options.go index 01ea210d226..a41eb676711 100644 --- a/service/launchwizard/options.go +++ b/service/launchwizard/options.go @@ -5,7 +5,6 @@ package launchwizard import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/lexmodelbuildingservice/api_client.go b/service/lexmodelbuildingservice/api_client.go index e429653cb1a..53088b6bfd9 100644 --- a/service/lexmodelbuildingservice/api_client.go +++ b/service/lexmodelbuildingservice/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/lexmodelbuildingservice/auth.go b/service/lexmodelbuildingservice/auth.go index 365ad0e0071..855958233cd 100644 --- a/service/lexmodelbuildingservice/auth.go +++ b/service/lexmodelbuildingservice/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/lexmodelbuildingservice/endpoints.go b/service/lexmodelbuildingservice/endpoints.go index 104ff636296..06abb2ee1a3 100644 --- a/service/lexmodelbuildingservice/endpoints.go +++ b/service/lexmodelbuildingservice/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -516,7 +515,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -545,9 +544,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -558,7 +554,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/lexmodelbuildingservice/options.go b/service/lexmodelbuildingservice/options.go index 84c7165eae8..18157169360 100644 --- a/service/lexmodelbuildingservice/options.go +++ b/service/lexmodelbuildingservice/options.go @@ -5,7 +5,6 @@ package lexmodelbuildingservice import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/lexmodelsv2/api_client.go b/service/lexmodelsv2/api_client.go index dc739b296da..03d774e4259 100644 --- a/service/lexmodelsv2/api_client.go +++ b/service/lexmodelsv2/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/lexmodelsv2/auth.go b/service/lexmodelsv2/auth.go index 1c74cbc14e8..2e4a3cd17eb 100644 --- a/service/lexmodelsv2/auth.go +++ b/service/lexmodelsv2/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/lexmodelsv2/endpoints.go b/service/lexmodelsv2/endpoints.go index 88eceb9eab3..7f1a249dcf8 100644 --- a/service/lexmodelsv2/endpoints.go +++ b/service/lexmodelsv2/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/lexmodelsv2/options.go b/service/lexmodelsv2/options.go index 82a3fb0e921..a26948027ae 100644 --- a/service/lexmodelsv2/options.go +++ b/service/lexmodelsv2/options.go @@ -5,7 +5,6 @@ package lexmodelsv2 import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/lexruntimeservice/api_client.go b/service/lexruntimeservice/api_client.go index 2d394055b7f..019ba17822a 100644 --- a/service/lexruntimeservice/api_client.go +++ b/service/lexruntimeservice/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/lexruntimeservice/auth.go b/service/lexruntimeservice/auth.go index 93ce9135fb6..7d399d0f393 100644 --- a/service/lexruntimeservice/auth.go +++ b/service/lexruntimeservice/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -160,7 +160,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/lexruntimeservice/endpoints.go b/service/lexruntimeservice/endpoints.go index b67ca84a434..e21e8d7e6c8 100644 --- a/service/lexruntimeservice/endpoints.go +++ b/service/lexruntimeservice/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -516,7 +515,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -545,9 +544,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -558,7 +554,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/lexruntimeservice/options.go b/service/lexruntimeservice/options.go index af99dd6f231..adef318e20c 100644 --- a/service/lexruntimeservice/options.go +++ b/service/lexruntimeservice/options.go @@ -5,7 +5,6 @@ package lexruntimeservice import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/lexruntimev2/api_client.go b/service/lexruntimev2/api_client.go index ea969f1a1f4..ea81162288d 100644 --- a/service/lexruntimev2/api_client.go +++ b/service/lexruntimev2/api_client.go @@ -232,16 +232,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/lexruntimev2/auth.go b/service/lexruntimev2/auth.go index bb81065f692..ae56fab8e1e 100644 --- a/service/lexruntimev2/auth.go +++ b/service/lexruntimev2/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -160,7 +160,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/lexruntimev2/endpoints.go b/service/lexruntimev2/endpoints.go index fcf4afb329c..c2cc0c059e1 100644 --- a/service/lexruntimev2/endpoints.go +++ b/service/lexruntimev2/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/lexruntimev2/options.go b/service/lexruntimev2/options.go index f82a7b39c94..9f4d6b480db 100644 --- a/service/lexruntimev2/options.go +++ b/service/lexruntimev2/options.go @@ -5,7 +5,6 @@ package lexruntimev2 import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/licensemanager/api_client.go b/service/licensemanager/api_client.go index 8cb156934d0..e3c31e05e57 100644 --- a/service/licensemanager/api_client.go +++ b/service/licensemanager/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/licensemanager/auth.go b/service/licensemanager/auth.go index b33bd00121e..d31986262d4 100644 --- a/service/licensemanager/auth.go +++ b/service/licensemanager/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/licensemanager/endpoints.go b/service/licensemanager/endpoints.go index a42f4e22750..8544d3dab2b 100644 --- a/service/licensemanager/endpoints.go +++ b/service/licensemanager/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/licensemanager/options.go b/service/licensemanager/options.go index 83b7c00902e..ee36a821e3c 100644 --- a/service/licensemanager/options.go +++ b/service/licensemanager/options.go @@ -5,7 +5,6 @@ package licensemanager import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/licensemanagerlinuxsubscriptions/api_client.go b/service/licensemanagerlinuxsubscriptions/api_client.go index 6438101f9ee..7717700004c 100644 --- a/service/licensemanagerlinuxsubscriptions/api_client.go +++ b/service/licensemanagerlinuxsubscriptions/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/licensemanagerlinuxsubscriptions/auth.go b/service/licensemanagerlinuxsubscriptions/auth.go index b73f9b12640..496c786519d 100644 --- a/service/licensemanagerlinuxsubscriptions/auth.go +++ b/service/licensemanagerlinuxsubscriptions/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/licensemanagerlinuxsubscriptions/endpoints.go b/service/licensemanagerlinuxsubscriptions/endpoints.go index 2f2a97e3560..a16699e7071 100644 --- a/service/licensemanagerlinuxsubscriptions/endpoints.go +++ b/service/licensemanagerlinuxsubscriptions/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/licensemanagerlinuxsubscriptions/options.go b/service/licensemanagerlinuxsubscriptions/options.go index 1a264694ce7..c8dd48f8d40 100644 --- a/service/licensemanagerlinuxsubscriptions/options.go +++ b/service/licensemanagerlinuxsubscriptions/options.go @@ -5,7 +5,6 @@ package licensemanagerlinuxsubscriptions import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/licensemanagerusersubscriptions/api_client.go b/service/licensemanagerusersubscriptions/api_client.go index 2c53b00a8aa..74dcf96df9c 100644 --- a/service/licensemanagerusersubscriptions/api_client.go +++ b/service/licensemanagerusersubscriptions/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/licensemanagerusersubscriptions/auth.go b/service/licensemanagerusersubscriptions/auth.go index b1f26d4fb1a..b9bd20f3bdd 100644 --- a/service/licensemanagerusersubscriptions/auth.go +++ b/service/licensemanagerusersubscriptions/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/licensemanagerusersubscriptions/endpoints.go b/service/licensemanagerusersubscriptions/endpoints.go index 83a22db497c..2cd7222c10a 100644 --- a/service/licensemanagerusersubscriptions/endpoints.go +++ b/service/licensemanagerusersubscriptions/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/licensemanagerusersubscriptions/options.go b/service/licensemanagerusersubscriptions/options.go index 64cddf9d600..cdbf6317e85 100644 --- a/service/licensemanagerusersubscriptions/options.go +++ b/service/licensemanagerusersubscriptions/options.go @@ -5,7 +5,6 @@ package licensemanagerusersubscriptions import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/lightsail/api_client.go b/service/lightsail/api_client.go index e7c0ef3b5a9..044f62c4932 100644 --- a/service/lightsail/api_client.go +++ b/service/lightsail/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/lightsail/auth.go b/service/lightsail/auth.go index d74c22c81eb..ead0dd5f2fd 100644 --- a/service/lightsail/auth.go +++ b/service/lightsail/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/lightsail/endpoints.go b/service/lightsail/endpoints.go index bb4c73923bc..fb1bf128e26 100644 --- a/service/lightsail/endpoints.go +++ b/service/lightsail/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/lightsail/options.go b/service/lightsail/options.go index 362dc1dc340..ec95be44fc2 100644 --- a/service/lightsail/options.go +++ b/service/lightsail/options.go @@ -5,7 +5,6 @@ package lightsail import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/location/api_client.go b/service/location/api_client.go index 36f298eb57c..2df8ba8a5eb 100644 --- a/service/location/api_client.go +++ b/service/location/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/location/auth.go b/service/location/auth.go index dde484a61a5..ed1aedaf4a6 100644 --- a/service/location/auth.go +++ b/service/location/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/location/endpoints.go b/service/location/endpoints.go index ea6e9735133..84c111e236b 100644 --- a/service/location/endpoints.go +++ b/service/location/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/location/options.go b/service/location/options.go index e657e792067..b2f09612356 100644 --- a/service/location/options.go +++ b/service/location/options.go @@ -5,7 +5,6 @@ package location import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/lookoutequipment/api_client.go b/service/lookoutequipment/api_client.go index a8b97045f27..51e382cdebf 100644 --- a/service/lookoutequipment/api_client.go +++ b/service/lookoutequipment/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/lookoutequipment/auth.go b/service/lookoutequipment/auth.go index 12962b819df..d15f3f05e4d 100644 --- a/service/lookoutequipment/auth.go +++ b/service/lookoutequipment/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/lookoutequipment/endpoints.go b/service/lookoutequipment/endpoints.go index ccbcf35a3b4..d9f066daf80 100644 --- a/service/lookoutequipment/endpoints.go +++ b/service/lookoutequipment/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/lookoutequipment/options.go b/service/lookoutequipment/options.go index 08ccc523f8b..dbb223aa037 100644 --- a/service/lookoutequipment/options.go +++ b/service/lookoutequipment/options.go @@ -5,7 +5,6 @@ package lookoutequipment import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/lookoutmetrics/api_client.go b/service/lookoutmetrics/api_client.go index 90e26379639..99ebf1c1a07 100644 --- a/service/lookoutmetrics/api_client.go +++ b/service/lookoutmetrics/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/lookoutmetrics/auth.go b/service/lookoutmetrics/auth.go index d32b5cdec01..c2aef4c15d9 100644 --- a/service/lookoutmetrics/auth.go +++ b/service/lookoutmetrics/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/lookoutmetrics/endpoints.go b/service/lookoutmetrics/endpoints.go index 2c6a1c43f79..32c5fa523fa 100644 --- a/service/lookoutmetrics/endpoints.go +++ b/service/lookoutmetrics/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/lookoutmetrics/options.go b/service/lookoutmetrics/options.go index 5423b767489..2438aeaa481 100644 --- a/service/lookoutmetrics/options.go +++ b/service/lookoutmetrics/options.go @@ -5,7 +5,6 @@ package lookoutmetrics import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/lookoutvision/api_client.go b/service/lookoutvision/api_client.go index 5dbc96b9a07..f8c1d6214fe 100644 --- a/service/lookoutvision/api_client.go +++ b/service/lookoutvision/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/lookoutvision/auth.go b/service/lookoutvision/auth.go index d758b3bddd5..c13d3ef3a71 100644 --- a/service/lookoutvision/auth.go +++ b/service/lookoutvision/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/lookoutvision/endpoints.go b/service/lookoutvision/endpoints.go index a91d10d6bda..a8cd3971ae2 100644 --- a/service/lookoutvision/endpoints.go +++ b/service/lookoutvision/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/lookoutvision/options.go b/service/lookoutvision/options.go index 13b02e9b1a1..ba9ea96c772 100644 --- a/service/lookoutvision/options.go +++ b/service/lookoutvision/options.go @@ -5,7 +5,6 @@ package lookoutvision import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/m2/api_client.go b/service/m2/api_client.go index c401aea1785..b5ed62e95f0 100644 --- a/service/m2/api_client.go +++ b/service/m2/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/m2/auth.go b/service/m2/auth.go index a0eab95fa11..b0ca0a88579 100644 --- a/service/m2/auth.go +++ b/service/m2/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/m2/endpoints.go b/service/m2/endpoints.go index 4ac986eff04..6b337737c16 100644 --- a/service/m2/endpoints.go +++ b/service/m2/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/m2/options.go b/service/m2/options.go index 3459f43f267..eaa056a41d4 100644 --- a/service/m2/options.go +++ b/service/m2/options.go @@ -5,7 +5,6 @@ package m2 import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/machinelearning/api_client.go b/service/machinelearning/api_client.go index bd3bcc38f31..d4aa4264e49 100644 --- a/service/machinelearning/api_client.go +++ b/service/machinelearning/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/machinelearning/auth.go b/service/machinelearning/auth.go index 4e9ddab5e8f..b43ad6a0989 100644 --- a/service/machinelearning/auth.go +++ b/service/machinelearning/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/machinelearning/endpoints.go b/service/machinelearning/endpoints.go index 92b1b7c1d37..69c28ba5014 100644 --- a/service/machinelearning/endpoints.go +++ b/service/machinelearning/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/machinelearning/options.go b/service/machinelearning/options.go index ce1a887faf3..daf5223a2f6 100644 --- a/service/machinelearning/options.go +++ b/service/machinelearning/options.go @@ -5,7 +5,6 @@ package machinelearning import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/macie2/api_client.go b/service/macie2/api_client.go index 4945927e6ca..0bf2e931cc2 100644 --- a/service/macie2/api_client.go +++ b/service/macie2/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/macie2/auth.go b/service/macie2/auth.go index 7574f48e773..b383ee11f22 100644 --- a/service/macie2/auth.go +++ b/service/macie2/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/macie2/endpoints.go b/service/macie2/endpoints.go index 7098a143cc8..53a35328dee 100644 --- a/service/macie2/endpoints.go +++ b/service/macie2/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/macie2/options.go b/service/macie2/options.go index f2fe50aa89d..bf8cee97437 100644 --- a/service/macie2/options.go +++ b/service/macie2/options.go @@ -5,7 +5,6 @@ package macie2 import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/managedblockchain/api_client.go b/service/managedblockchain/api_client.go index aef75819b9e..1e298400fa4 100644 --- a/service/managedblockchain/api_client.go +++ b/service/managedblockchain/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/managedblockchain/auth.go b/service/managedblockchain/auth.go index df676d93ca8..6bb7ffb526c 100644 --- a/service/managedblockchain/auth.go +++ b/service/managedblockchain/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/managedblockchain/endpoints.go b/service/managedblockchain/endpoints.go index 94785b15782..0ef23158815 100644 --- a/service/managedblockchain/endpoints.go +++ b/service/managedblockchain/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/managedblockchain/options.go b/service/managedblockchain/options.go index 99a7ad09b45..d6b01206e49 100644 --- a/service/managedblockchain/options.go +++ b/service/managedblockchain/options.go @@ -5,7 +5,6 @@ package managedblockchain import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/managedblockchainquery/api_client.go b/service/managedblockchainquery/api_client.go index 770a6da9a03..fc2c5ad82e2 100644 --- a/service/managedblockchainquery/api_client.go +++ b/service/managedblockchainquery/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/managedblockchainquery/auth.go b/service/managedblockchainquery/auth.go index 661ffe02bc0..64a0ee71614 100644 --- a/service/managedblockchainquery/auth.go +++ b/service/managedblockchainquery/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/managedblockchainquery/endpoints.go b/service/managedblockchainquery/endpoints.go index 99fed3f1e6c..749fcc2ac10 100644 --- a/service/managedblockchainquery/endpoints.go +++ b/service/managedblockchainquery/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/managedblockchainquery/options.go b/service/managedblockchainquery/options.go index c62eedf17a3..8738f17a254 100644 --- a/service/managedblockchainquery/options.go +++ b/service/managedblockchainquery/options.go @@ -5,7 +5,6 @@ package managedblockchainquery import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/marketplaceagreement/api_client.go b/service/marketplaceagreement/api_client.go index deaa05c61d7..7f31cb35e23 100644 --- a/service/marketplaceagreement/api_client.go +++ b/service/marketplaceagreement/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/marketplaceagreement/auth.go b/service/marketplaceagreement/auth.go index c1f3a2c5d1c..e1158bbbfc5 100644 --- a/service/marketplaceagreement/auth.go +++ b/service/marketplaceagreement/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/marketplaceagreement/endpoints.go b/service/marketplaceagreement/endpoints.go index 9f04053f420..222ab02977c 100644 --- a/service/marketplaceagreement/endpoints.go +++ b/service/marketplaceagreement/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/marketplaceagreement/options.go b/service/marketplaceagreement/options.go index 69901a1aa9f..9ee60337932 100644 --- a/service/marketplaceagreement/options.go +++ b/service/marketplaceagreement/options.go @@ -5,7 +5,6 @@ package marketplaceagreement import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/marketplacecatalog/api_client.go b/service/marketplacecatalog/api_client.go index a8b7cc583e0..a94eff98f03 100644 --- a/service/marketplacecatalog/api_client.go +++ b/service/marketplacecatalog/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/marketplacecatalog/auth.go b/service/marketplacecatalog/auth.go index d43b5a461b1..98603fa0055 100644 --- a/service/marketplacecatalog/auth.go +++ b/service/marketplacecatalog/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/marketplacecatalog/endpoints.go b/service/marketplacecatalog/endpoints.go index 1e61354ee87..4e09bf38b86 100644 --- a/service/marketplacecatalog/endpoints.go +++ b/service/marketplacecatalog/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/marketplacecatalog/options.go b/service/marketplacecatalog/options.go index 7a194077033..8b1efa9bf6c 100644 --- a/service/marketplacecatalog/options.go +++ b/service/marketplacecatalog/options.go @@ -5,7 +5,6 @@ package marketplacecatalog import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/marketplacecommerceanalytics/api_client.go b/service/marketplacecommerceanalytics/api_client.go index 14cb4007610..f4737961f1f 100644 --- a/service/marketplacecommerceanalytics/api_client.go +++ b/service/marketplacecommerceanalytics/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/marketplacecommerceanalytics/auth.go b/service/marketplacecommerceanalytics/auth.go index 3bdcbea59b1..f72a1ed55b5 100644 --- a/service/marketplacecommerceanalytics/auth.go +++ b/service/marketplacecommerceanalytics/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/marketplacecommerceanalytics/endpoints.go b/service/marketplacecommerceanalytics/endpoints.go index 7ad9a1448ba..b2967415c94 100644 --- a/service/marketplacecommerceanalytics/endpoints.go +++ b/service/marketplacecommerceanalytics/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/marketplacecommerceanalytics/options.go b/service/marketplacecommerceanalytics/options.go index 7fe65f074aa..1330c0fc695 100644 --- a/service/marketplacecommerceanalytics/options.go +++ b/service/marketplacecommerceanalytics/options.go @@ -5,7 +5,6 @@ package marketplacecommerceanalytics import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/marketplacedeployment/api_client.go b/service/marketplacedeployment/api_client.go index 7d3c2f6903d..bff64b9f55c 100644 --- a/service/marketplacedeployment/api_client.go +++ b/service/marketplacedeployment/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/marketplacedeployment/auth.go b/service/marketplacedeployment/auth.go index a4d8ac3dc90..6081e5a7ee2 100644 --- a/service/marketplacedeployment/auth.go +++ b/service/marketplacedeployment/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/marketplacedeployment/endpoints.go b/service/marketplacedeployment/endpoints.go index 2b01f77a008..084d0800395 100644 --- a/service/marketplacedeployment/endpoints.go +++ b/service/marketplacedeployment/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/marketplacedeployment/options.go b/service/marketplacedeployment/options.go index bc0d5eb2b3c..8389de8c430 100644 --- a/service/marketplacedeployment/options.go +++ b/service/marketplacedeployment/options.go @@ -5,7 +5,6 @@ package marketplacedeployment import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/marketplaceentitlementservice/api_client.go b/service/marketplaceentitlementservice/api_client.go index 318ba6cb60a..36162952e35 100644 --- a/service/marketplaceentitlementservice/api_client.go +++ b/service/marketplaceentitlementservice/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/marketplaceentitlementservice/auth.go b/service/marketplaceentitlementservice/auth.go index 8f529c0f9e7..f75c7f9d95a 100644 --- a/service/marketplaceentitlementservice/auth.go +++ b/service/marketplaceentitlementservice/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/marketplaceentitlementservice/endpoints.go b/service/marketplaceentitlementservice/endpoints.go index a77f0dc653a..584121f1218 100644 --- a/service/marketplaceentitlementservice/endpoints.go +++ b/service/marketplaceentitlementservice/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -459,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,9 +487,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -501,7 +497,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/marketplaceentitlementservice/options.go b/service/marketplaceentitlementservice/options.go index 3eb575e66b4..c2184e89dfb 100644 --- a/service/marketplaceentitlementservice/options.go +++ b/service/marketplaceentitlementservice/options.go @@ -5,7 +5,6 @@ package marketplaceentitlementservice import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/marketplacemetering/api_client.go b/service/marketplacemetering/api_client.go index 57d1d368463..fcee0835df1 100644 --- a/service/marketplacemetering/api_client.go +++ b/service/marketplacemetering/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/marketplacemetering/auth.go b/service/marketplacemetering/auth.go index 4e5a1475d5e..c1bf21503b1 100644 --- a/service/marketplacemetering/auth.go +++ b/service/marketplacemetering/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/marketplacemetering/endpoints.go b/service/marketplacemetering/endpoints.go index df87c84d9f4..6f24a81c2bf 100644 --- a/service/marketplacemetering/endpoints.go +++ b/service/marketplacemetering/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -478,7 +477,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -507,9 +506,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -520,7 +516,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/marketplacemetering/options.go b/service/marketplacemetering/options.go index 652b8f87c0f..37da8e25dcc 100644 --- a/service/marketplacemetering/options.go +++ b/service/marketplacemetering/options.go @@ -5,7 +5,6 @@ package marketplacemetering import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/mediaconnect/api_client.go b/service/mediaconnect/api_client.go index 4df6f71a25a..9ac8bbee459 100644 --- a/service/mediaconnect/api_client.go +++ b/service/mediaconnect/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/mediaconnect/auth.go b/service/mediaconnect/auth.go index c52eea54593..4df5cfc35e8 100644 --- a/service/mediaconnect/auth.go +++ b/service/mediaconnect/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/mediaconnect/endpoints.go b/service/mediaconnect/endpoints.go index c054118a3f1..714175918f0 100644 --- a/service/mediaconnect/endpoints.go +++ b/service/mediaconnect/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/mediaconnect/options.go b/service/mediaconnect/options.go index a2219ba9792..ee6b25da336 100644 --- a/service/mediaconnect/options.go +++ b/service/mediaconnect/options.go @@ -5,7 +5,6 @@ package mediaconnect import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/mediaconvert/api_client.go b/service/mediaconvert/api_client.go index e0ad545c3b3..daa31c39223 100644 --- a/service/mediaconvert/api_client.go +++ b/service/mediaconvert/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/mediaconvert/auth.go b/service/mediaconvert/auth.go index ebdbfad5214..f82fcebb752 100644 --- a/service/mediaconvert/auth.go +++ b/service/mediaconvert/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/mediaconvert/endpoints.go b/service/mediaconvert/endpoints.go index 77dde7c52c9..12a69bc1ad0 100644 --- a/service/mediaconvert/endpoints.go +++ b/service/mediaconvert/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -472,7 +471,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -501,9 +500,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -514,7 +510,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/mediaconvert/options.go b/service/mediaconvert/options.go index b9ec05dde27..4fe061edf71 100644 --- a/service/mediaconvert/options.go +++ b/service/mediaconvert/options.go @@ -5,7 +5,6 @@ package mediaconvert import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/medialive/api_client.go b/service/medialive/api_client.go index 7930889e52a..f44853ad5ed 100644 --- a/service/medialive/api_client.go +++ b/service/medialive/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/medialive/auth.go b/service/medialive/auth.go index eca4a343b97..46fb5302d22 100644 --- a/service/medialive/auth.go +++ b/service/medialive/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/medialive/endpoints.go b/service/medialive/endpoints.go index f2fd2653e9c..6747f6d5094 100644 --- a/service/medialive/endpoints.go +++ b/service/medialive/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/medialive/options.go b/service/medialive/options.go index 906bedd029e..ec81cc5dee8 100644 --- a/service/medialive/options.go +++ b/service/medialive/options.go @@ -5,7 +5,6 @@ package medialive import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/mediapackage/api_client.go b/service/mediapackage/api_client.go index b88b64afbc2..8b0165e9f20 100644 --- a/service/mediapackage/api_client.go +++ b/service/mediapackage/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/mediapackage/auth.go b/service/mediapackage/auth.go index 9c0d0e34e02..c0c4052adc4 100644 --- a/service/mediapackage/auth.go +++ b/service/mediapackage/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/mediapackage/endpoints.go b/service/mediapackage/endpoints.go index 46e7b10a246..7ceaab9f193 100644 --- a/service/mediapackage/endpoints.go +++ b/service/mediapackage/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/mediapackage/options.go b/service/mediapackage/options.go index 66f5330e130..39ec32fa1d3 100644 --- a/service/mediapackage/options.go +++ b/service/mediapackage/options.go @@ -5,7 +5,6 @@ package mediapackage import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/mediapackagev2/api_client.go b/service/mediapackagev2/api_client.go index c53bab86282..7760163f498 100644 --- a/service/mediapackagev2/api_client.go +++ b/service/mediapackagev2/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/mediapackagev2/auth.go b/service/mediapackagev2/auth.go index 791629e9ce4..27bb7dc022e 100644 --- a/service/mediapackagev2/auth.go +++ b/service/mediapackagev2/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/mediapackagev2/endpoints.go b/service/mediapackagev2/endpoints.go index 54dfb5ccb8c..9fc9c51dce6 100644 --- a/service/mediapackagev2/endpoints.go +++ b/service/mediapackagev2/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/mediapackagev2/options.go b/service/mediapackagev2/options.go index 1c6c9b88900..1675fdc9ee6 100644 --- a/service/mediapackagev2/options.go +++ b/service/mediapackagev2/options.go @@ -5,7 +5,6 @@ package mediapackagev2 import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/mediapackagevod/api_client.go b/service/mediapackagevod/api_client.go index 50b50060556..cca6e4fe24f 100644 --- a/service/mediapackagevod/api_client.go +++ b/service/mediapackagevod/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/mediapackagevod/auth.go b/service/mediapackagevod/auth.go index 52c18c78cbb..11fbafdc5e2 100644 --- a/service/mediapackagevod/auth.go +++ b/service/mediapackagevod/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/mediapackagevod/endpoints.go b/service/mediapackagevod/endpoints.go index ee04ce6942f..dfab9252ff8 100644 --- a/service/mediapackagevod/endpoints.go +++ b/service/mediapackagevod/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/mediapackagevod/options.go b/service/mediapackagevod/options.go index d8c3a9c4d3f..c442d68e51b 100644 --- a/service/mediapackagevod/options.go +++ b/service/mediapackagevod/options.go @@ -5,7 +5,6 @@ package mediapackagevod import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/mediastore/api_client.go b/service/mediastore/api_client.go index 7ca337d7565..7d7beff274b 100644 --- a/service/mediastore/api_client.go +++ b/service/mediastore/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/mediastore/auth.go b/service/mediastore/auth.go index 540449408d7..9c4b4f065e2 100644 --- a/service/mediastore/auth.go +++ b/service/mediastore/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/mediastore/endpoints.go b/service/mediastore/endpoints.go index 5dd950aaf38..4caf3f4d7cd 100644 --- a/service/mediastore/endpoints.go +++ b/service/mediastore/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/mediastore/options.go b/service/mediastore/options.go index 86e62e711e0..eb2dfdac997 100644 --- a/service/mediastore/options.go +++ b/service/mediastore/options.go @@ -5,7 +5,6 @@ package mediastore import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/mediastoredata/api_client.go b/service/mediastoredata/api_client.go index 8816f75ed0e..87910bd1e6c 100644 --- a/service/mediastoredata/api_client.go +++ b/service/mediastoredata/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/mediastoredata/auth.go b/service/mediastoredata/auth.go index 3d13eeb3ca6..5a1fd4fe886 100644 --- a/service/mediastoredata/auth.go +++ b/service/mediastoredata/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -160,7 +160,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/mediastoredata/endpoints.go b/service/mediastoredata/endpoints.go index 821ab04e9ea..87419ddaede 100644 --- a/service/mediastoredata/endpoints.go +++ b/service/mediastoredata/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/mediastoredata/options.go b/service/mediastoredata/options.go index 61336a7f260..dc72f32ff42 100644 --- a/service/mediastoredata/options.go +++ b/service/mediastoredata/options.go @@ -5,7 +5,6 @@ package mediastoredata import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/mediatailor/api_client.go b/service/mediatailor/api_client.go index 3f0bfbed352..7d4ed37034b 100644 --- a/service/mediatailor/api_client.go +++ b/service/mediatailor/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/mediatailor/auth.go b/service/mediatailor/auth.go index adfe620ba64..4d3bf974c6a 100644 --- a/service/mediatailor/auth.go +++ b/service/mediatailor/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/mediatailor/endpoints.go b/service/mediatailor/endpoints.go index a80cfa39ebb..03c305b96a8 100644 --- a/service/mediatailor/endpoints.go +++ b/service/mediatailor/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/mediatailor/options.go b/service/mediatailor/options.go index 27c0a4808ec..6a54a999684 100644 --- a/service/mediatailor/options.go +++ b/service/mediatailor/options.go @@ -5,7 +5,6 @@ package mediatailor import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/medicalimaging/api_client.go b/service/medicalimaging/api_client.go index 5ad49232bb4..cdead324fbe 100644 --- a/service/medicalimaging/api_client.go +++ b/service/medicalimaging/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/medicalimaging/auth.go b/service/medicalimaging/auth.go index 03a15b9526e..1650413683e 100644 --- a/service/medicalimaging/auth.go +++ b/service/medicalimaging/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/medicalimaging/endpoints.go b/service/medicalimaging/endpoints.go index 4aa4abc5e56..f3517227e7e 100644 --- a/service/medicalimaging/endpoints.go +++ b/service/medicalimaging/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/medicalimaging/options.go b/service/medicalimaging/options.go index 7df740d9844..e58a40aff2c 100644 --- a/service/medicalimaging/options.go +++ b/service/medicalimaging/options.go @@ -5,7 +5,6 @@ package medicalimaging import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/memorydb/api_client.go b/service/memorydb/api_client.go index edf44d8955b..c74e8a286d4 100644 --- a/service/memorydb/api_client.go +++ b/service/memorydb/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/memorydb/auth.go b/service/memorydb/auth.go index 7fd701638fe..9ea7dc9d2b7 100644 --- a/service/memorydb/auth.go +++ b/service/memorydb/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/memorydb/endpoints.go b/service/memorydb/endpoints.go index 662a553b0b5..c9c2d4f8a9d 100644 --- a/service/memorydb/endpoints.go +++ b/service/memorydb/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -471,7 +470,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -500,9 +499,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -513,7 +509,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/memorydb/options.go b/service/memorydb/options.go index 16a564bcaa7..8f1b5c652a2 100644 --- a/service/memorydb/options.go +++ b/service/memorydb/options.go @@ -5,7 +5,6 @@ package memorydb import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/mgn/api_client.go b/service/mgn/api_client.go index 7e49fd68043..f5ec7e498d0 100644 --- a/service/mgn/api_client.go +++ b/service/mgn/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/mgn/auth.go b/service/mgn/auth.go index 87a7c4312a7..033ec36a96a 100644 --- a/service/mgn/auth.go +++ b/service/mgn/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/mgn/endpoints.go b/service/mgn/endpoints.go index da43921a3da..d2e114d35c5 100644 --- a/service/mgn/endpoints.go +++ b/service/mgn/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/mgn/options.go b/service/mgn/options.go index 29e522da472..a9c905a99dc 100644 --- a/service/mgn/options.go +++ b/service/mgn/options.go @@ -5,7 +5,6 @@ package mgn import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/migrationhub/api_client.go b/service/migrationhub/api_client.go index 516cb1f2025..dc6d33a9adf 100644 --- a/service/migrationhub/api_client.go +++ b/service/migrationhub/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/migrationhub/auth.go b/service/migrationhub/auth.go index 554a0daff5e..d89541b35d6 100644 --- a/service/migrationhub/auth.go +++ b/service/migrationhub/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/migrationhub/endpoints.go b/service/migrationhub/endpoints.go index cba3b5a1ef6..15ba8c0f640 100644 --- a/service/migrationhub/endpoints.go +++ b/service/migrationhub/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/migrationhub/options.go b/service/migrationhub/options.go index 3b5159dd184..63b9a730057 100644 --- a/service/migrationhub/options.go +++ b/service/migrationhub/options.go @@ -5,7 +5,6 @@ package migrationhub import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/migrationhubconfig/api_client.go b/service/migrationhubconfig/api_client.go index c7bfd66a5aa..1e18de4f824 100644 --- a/service/migrationhubconfig/api_client.go +++ b/service/migrationhubconfig/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/migrationhubconfig/auth.go b/service/migrationhubconfig/auth.go index e138c11a2c2..267a296e096 100644 --- a/service/migrationhubconfig/auth.go +++ b/service/migrationhubconfig/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/migrationhubconfig/endpoints.go b/service/migrationhubconfig/endpoints.go index 4f45de7dedd..d5bffddbe4a 100644 --- a/service/migrationhubconfig/endpoints.go +++ b/service/migrationhubconfig/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/migrationhubconfig/options.go b/service/migrationhubconfig/options.go index e6ef12fa3c7..e769426399a 100644 --- a/service/migrationhubconfig/options.go +++ b/service/migrationhubconfig/options.go @@ -5,7 +5,6 @@ package migrationhubconfig import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/migrationhuborchestrator/api_client.go b/service/migrationhuborchestrator/api_client.go index 2d835e89ec2..2490eefc969 100644 --- a/service/migrationhuborchestrator/api_client.go +++ b/service/migrationhuborchestrator/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/migrationhuborchestrator/auth.go b/service/migrationhuborchestrator/auth.go index 71f78b13f2a..dc6fe954b50 100644 --- a/service/migrationhuborchestrator/auth.go +++ b/service/migrationhuborchestrator/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/migrationhuborchestrator/endpoints.go b/service/migrationhuborchestrator/endpoints.go index 6551f2d3c82..cf2a0dc7c0f 100644 --- a/service/migrationhuborchestrator/endpoints.go +++ b/service/migrationhuborchestrator/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/migrationhuborchestrator/options.go b/service/migrationhuborchestrator/options.go index 8048d515e61..99e3e91c710 100644 --- a/service/migrationhuborchestrator/options.go +++ b/service/migrationhuborchestrator/options.go @@ -5,7 +5,6 @@ package migrationhuborchestrator import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/migrationhubrefactorspaces/api_client.go b/service/migrationhubrefactorspaces/api_client.go index c77c8bcf08f..c1a5ac35d41 100644 --- a/service/migrationhubrefactorspaces/api_client.go +++ b/service/migrationhubrefactorspaces/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/migrationhubrefactorspaces/auth.go b/service/migrationhubrefactorspaces/auth.go index 6bc8aa532d8..79884622158 100644 --- a/service/migrationhubrefactorspaces/auth.go +++ b/service/migrationhubrefactorspaces/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/migrationhubrefactorspaces/endpoints.go b/service/migrationhubrefactorspaces/endpoints.go index c76e734d02b..6e6d45c549f 100644 --- a/service/migrationhubrefactorspaces/endpoints.go +++ b/service/migrationhubrefactorspaces/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/migrationhubrefactorspaces/options.go b/service/migrationhubrefactorspaces/options.go index b981b4f0fdf..dc47d3edcc7 100644 --- a/service/migrationhubrefactorspaces/options.go +++ b/service/migrationhubrefactorspaces/options.go @@ -5,7 +5,6 @@ package migrationhubrefactorspaces import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/migrationhubstrategy/api_client.go b/service/migrationhubstrategy/api_client.go index 89d565201fd..e02e10bd6cf 100644 --- a/service/migrationhubstrategy/api_client.go +++ b/service/migrationhubstrategy/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/migrationhubstrategy/auth.go b/service/migrationhubstrategy/auth.go index eae8240b218..c26be3e35df 100644 --- a/service/migrationhubstrategy/auth.go +++ b/service/migrationhubstrategy/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/migrationhubstrategy/endpoints.go b/service/migrationhubstrategy/endpoints.go index 8beece08573..8913f590413 100644 --- a/service/migrationhubstrategy/endpoints.go +++ b/service/migrationhubstrategy/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/migrationhubstrategy/options.go b/service/migrationhubstrategy/options.go index 38c0e8d5ce3..988fd79ade1 100644 --- a/service/migrationhubstrategy/options.go +++ b/service/migrationhubstrategy/options.go @@ -5,7 +5,6 @@ package migrationhubstrategy import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/mobile/api_client.go b/service/mobile/api_client.go index f3fb5bd9a14..86e53f7f4a3 100644 --- a/service/mobile/api_client.go +++ b/service/mobile/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/mobile/auth.go b/service/mobile/auth.go index 7daa9d88c2f..0359b30e4ec 100644 --- a/service/mobile/auth.go +++ b/service/mobile/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/mobile/endpoints.go b/service/mobile/endpoints.go index c3d999ff8f4..787d1a6ca30 100644 --- a/service/mobile/endpoints.go +++ b/service/mobile/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/mobile/options.go b/service/mobile/options.go index 3f031fdc169..6d00135e699 100644 --- a/service/mobile/options.go +++ b/service/mobile/options.go @@ -5,7 +5,6 @@ package mobile import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/mq/api_client.go b/service/mq/api_client.go index b769c129cda..9007e3b28fd 100644 --- a/service/mq/api_client.go +++ b/service/mq/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/mq/auth.go b/service/mq/auth.go index e3e514ebf4b..b4bd0b92966 100644 --- a/service/mq/auth.go +++ b/service/mq/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/mq/endpoints.go b/service/mq/endpoints.go index 4a3a45f1dde..cf8e2d3c097 100644 --- a/service/mq/endpoints.go +++ b/service/mq/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/mq/options.go b/service/mq/options.go index 033c26e0af8..8f7eb0483e4 100644 --- a/service/mq/options.go +++ b/service/mq/options.go @@ -5,7 +5,6 @@ package mq import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/mturk/api_client.go b/service/mturk/api_client.go index eb7b91c937d..f99e2dc0611 100644 --- a/service/mturk/api_client.go +++ b/service/mturk/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/mturk/auth.go b/service/mturk/auth.go index ba15308bfd6..5ab097b2808 100644 --- a/service/mturk/auth.go +++ b/service/mturk/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/mturk/endpoints.go b/service/mturk/endpoints.go index a54d592c3d6..f0dc2071be6 100644 --- a/service/mturk/endpoints.go +++ b/service/mturk/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -453,7 +452,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -482,9 +481,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -495,7 +491,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/mturk/options.go b/service/mturk/options.go index e1d64c10d99..a3035071e59 100644 --- a/service/mturk/options.go +++ b/service/mturk/options.go @@ -5,7 +5,6 @@ package mturk import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/mwaa/api_client.go b/service/mwaa/api_client.go index 95e91ebfaca..8586f146941 100644 --- a/service/mwaa/api_client.go +++ b/service/mwaa/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/mwaa/auth.go b/service/mwaa/auth.go index 8c5e6954615..06e66fb967b 100644 --- a/service/mwaa/auth.go +++ b/service/mwaa/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/mwaa/endpoints.go b/service/mwaa/endpoints.go index cfddac906bb..eabfc44c9ba 100644 --- a/service/mwaa/endpoints.go +++ b/service/mwaa/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/mwaa/options.go b/service/mwaa/options.go index 5ffcb3cf4f0..406e538271a 100644 --- a/service/mwaa/options.go +++ b/service/mwaa/options.go @@ -5,7 +5,6 @@ package mwaa import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/neptune/api_client.go b/service/neptune/api_client.go index 3248543a6d7..a56c87a9fac 100644 --- a/service/neptune/api_client.go +++ b/service/neptune/api_client.go @@ -232,16 +232,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/neptune/auth.go b/service/neptune/auth.go index b3bf1e4a600..ca9d419446f 100644 --- a/service/neptune/auth.go +++ b/service/neptune/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/neptune/endpoints.go b/service/neptune/endpoints.go index 894011b0f14..699a665457a 100644 --- a/service/neptune/endpoints.go +++ b/service/neptune/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -459,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,9 +487,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -501,7 +497,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/neptune/options.go b/service/neptune/options.go index 53af25329bc..2ca079c69a3 100644 --- a/service/neptune/options.go +++ b/service/neptune/options.go @@ -5,7 +5,6 @@ package neptune import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/neptunedata/api_client.go b/service/neptunedata/api_client.go index 5ee508eab00..6ac9b95908f 100644 --- a/service/neptunedata/api_client.go +++ b/service/neptunedata/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/neptunedata/auth.go b/service/neptunedata/auth.go index 08b83f2b7a8..92a6c9c0527 100644 --- a/service/neptunedata/auth.go +++ b/service/neptunedata/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/neptunedata/endpoints.go b/service/neptunedata/endpoints.go index 7ed1c939c58..eb372cf40de 100644 --- a/service/neptunedata/endpoints.go +++ b/service/neptunedata/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/neptunedata/options.go b/service/neptunedata/options.go index 512272403be..447aae298a4 100644 --- a/service/neptunedata/options.go +++ b/service/neptunedata/options.go @@ -5,7 +5,6 @@ package neptunedata import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/neptunegraph/api_client.go b/service/neptunegraph/api_client.go index a41fd2f491b..9d939edaf81 100644 --- a/service/neptunegraph/api_client.go +++ b/service/neptunegraph/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/neptunegraph/auth.go b/service/neptunegraph/auth.go index 2f9dde5bc49..c5409c12fcf 100644 --- a/service/neptunegraph/auth.go +++ b/service/neptunegraph/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/neptunegraph/endpoints.go b/service/neptunegraph/endpoints.go index e44f7e43d9d..ba354e69cda 100644 --- a/service/neptunegraph/endpoints.go +++ b/service/neptunegraph/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -505,7 +504,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -534,9 +533,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -547,7 +543,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/neptunegraph/options.go b/service/neptunegraph/options.go index f83fa1ce5e8..846efcca619 100644 --- a/service/neptunegraph/options.go +++ b/service/neptunegraph/options.go @@ -5,7 +5,6 @@ package neptunegraph import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/networkfirewall/api_client.go b/service/networkfirewall/api_client.go index 17b51e462e8..41c436676fb 100644 --- a/service/networkfirewall/api_client.go +++ b/service/networkfirewall/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/networkfirewall/auth.go b/service/networkfirewall/auth.go index 43298594b08..1b9402e8cc9 100644 --- a/service/networkfirewall/auth.go +++ b/service/networkfirewall/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/networkfirewall/endpoints.go b/service/networkfirewall/endpoints.go index 2b48c251c13..122be24642a 100644 --- a/service/networkfirewall/endpoints.go +++ b/service/networkfirewall/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/networkfirewall/options.go b/service/networkfirewall/options.go index 7b4c59f4496..062e8dc6628 100644 --- a/service/networkfirewall/options.go +++ b/service/networkfirewall/options.go @@ -5,7 +5,6 @@ package networkfirewall import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/networkmanager/api_client.go b/service/networkmanager/api_client.go index 43d355c7ceb..4c22e95584b 100644 --- a/service/networkmanager/api_client.go +++ b/service/networkmanager/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/networkmanager/auth.go b/service/networkmanager/auth.go index 4165445d452..93a4a98aff4 100644 --- a/service/networkmanager/auth.go +++ b/service/networkmanager/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/networkmanager/endpoints.go b/service/networkmanager/endpoints.go index 53432a18a70..91d0b91d051 100644 --- a/service/networkmanager/endpoints.go +++ b/service/networkmanager/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -509,7 +508,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -538,9 +537,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -551,7 +547,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/networkmanager/options.go b/service/networkmanager/options.go index 9f4a3403c5e..c3a80a8f19f 100644 --- a/service/networkmanager/options.go +++ b/service/networkmanager/options.go @@ -5,7 +5,6 @@ package networkmanager import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/networkmonitor/api_client.go b/service/networkmonitor/api_client.go index ede0b02307f..02e2d8f5d83 100644 --- a/service/networkmonitor/api_client.go +++ b/service/networkmonitor/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/networkmonitor/auth.go b/service/networkmonitor/auth.go index 2092748f120..4e8dbcd26eb 100644 --- a/service/networkmonitor/auth.go +++ b/service/networkmonitor/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/networkmonitor/endpoints.go b/service/networkmonitor/endpoints.go index 7c6fc5743b5..88141f9cec5 100644 --- a/service/networkmonitor/endpoints.go +++ b/service/networkmonitor/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/networkmonitor/options.go b/service/networkmonitor/options.go index 5cf482182a5..90427c15d77 100644 --- a/service/networkmonitor/options.go +++ b/service/networkmonitor/options.go @@ -5,7 +5,6 @@ package networkmonitor import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/nimble/api_client.go b/service/nimble/api_client.go index 8b1f40a3ea6..355c015e228 100644 --- a/service/nimble/api_client.go +++ b/service/nimble/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/nimble/auth.go b/service/nimble/auth.go index 559d0d28f8c..a132e9880ab 100644 --- a/service/nimble/auth.go +++ b/service/nimble/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/nimble/endpoints.go b/service/nimble/endpoints.go index 6687b0597ef..0b7aecabfc8 100644 --- a/service/nimble/endpoints.go +++ b/service/nimble/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/nimble/options.go b/service/nimble/options.go index f1bcdace743..d839d14c433 100644 --- a/service/nimble/options.go +++ b/service/nimble/options.go @@ -5,7 +5,6 @@ package nimble import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/oam/api_client.go b/service/oam/api_client.go index 70fe9364204..5a356fa9614 100644 --- a/service/oam/api_client.go +++ b/service/oam/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/oam/auth.go b/service/oam/auth.go index efe794bb158..7f45f8d46ab 100644 --- a/service/oam/auth.go +++ b/service/oam/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/oam/endpoints.go b/service/oam/endpoints.go index b509c024355..331f5e1b7e5 100644 --- a/service/oam/endpoints.go +++ b/service/oam/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/oam/options.go b/service/oam/options.go index b91a4bbbc3a..24180adaa4e 100644 --- a/service/oam/options.go +++ b/service/oam/options.go @@ -5,7 +5,6 @@ package oam import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/omics/api_client.go b/service/omics/api_client.go index 8de0a6bd197..08ba6cf5462 100644 --- a/service/omics/api_client.go +++ b/service/omics/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/omics/auth.go b/service/omics/auth.go index 681022b382d..83a846acccf 100644 --- a/service/omics/auth.go +++ b/service/omics/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -160,7 +160,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/omics/endpoints.go b/service/omics/endpoints.go index f7ab7c4c0bd..ad32ab91189 100644 --- a/service/omics/endpoints.go +++ b/service/omics/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/omics/options.go b/service/omics/options.go index 3f8b72b23b9..2f58759c3b9 100644 --- a/service/omics/options.go +++ b/service/omics/options.go @@ -5,7 +5,6 @@ package omics import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/opensearch/api_client.go b/service/opensearch/api_client.go index 0fcceeda728..c421bcdf014 100644 --- a/service/opensearch/api_client.go +++ b/service/opensearch/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/opensearch/auth.go b/service/opensearch/auth.go index 8cba72ffc00..8b5a30b77a8 100644 --- a/service/opensearch/auth.go +++ b/service/opensearch/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/opensearch/endpoints.go b/service/opensearch/endpoints.go index 8378369b328..365040b50d6 100644 --- a/service/opensearch/endpoints.go +++ b/service/opensearch/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -497,7 +496,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -526,9 +525,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -539,7 +535,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/opensearch/options.go b/service/opensearch/options.go index 33ad5a045b5..e2478fcd762 100644 --- a/service/opensearch/options.go +++ b/service/opensearch/options.go @@ -5,7 +5,6 @@ package opensearch import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/opensearchserverless/api_client.go b/service/opensearchserverless/api_client.go index cac6d9d3a7a..f4fa44027b2 100644 --- a/service/opensearchserverless/api_client.go +++ b/service/opensearchserverless/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/opensearchserverless/auth.go b/service/opensearchserverless/auth.go index 0effa315f8e..9d7c3cccb76 100644 --- a/service/opensearchserverless/auth.go +++ b/service/opensearchserverless/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/opensearchserverless/endpoints.go b/service/opensearchserverless/endpoints.go index dccfb91f33e..13b99ae1596 100644 --- a/service/opensearchserverless/endpoints.go +++ b/service/opensearchserverless/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/opensearchserverless/options.go b/service/opensearchserverless/options.go index bf8e78b6864..5ae7820a093 100644 --- a/service/opensearchserverless/options.go +++ b/service/opensearchserverless/options.go @@ -5,7 +5,6 @@ package opensearchserverless import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/opsworks/api_client.go b/service/opsworks/api_client.go index db71685257a..3b85b3cd7aa 100644 --- a/service/opsworks/api_client.go +++ b/service/opsworks/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/opsworks/auth.go b/service/opsworks/auth.go index 5a658207956..e276062caab 100644 --- a/service/opsworks/auth.go +++ b/service/opsworks/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/opsworks/endpoints.go b/service/opsworks/endpoints.go index a1038c98046..f3dd8e1d4f1 100644 --- a/service/opsworks/endpoints.go +++ b/service/opsworks/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/opsworks/options.go b/service/opsworks/options.go index 84a97fb741a..2f822c32416 100644 --- a/service/opsworks/options.go +++ b/service/opsworks/options.go @@ -5,7 +5,6 @@ package opsworks import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/opsworkscm/api_client.go b/service/opsworkscm/api_client.go index c6dfc184b2e..606b51f6483 100644 --- a/service/opsworkscm/api_client.go +++ b/service/opsworkscm/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/opsworkscm/auth.go b/service/opsworkscm/auth.go index ae5874844ca..eb4c462a222 100644 --- a/service/opsworkscm/auth.go +++ b/service/opsworkscm/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/opsworkscm/endpoints.go b/service/opsworkscm/endpoints.go index 9ae1b755041..e000b6a0148 100644 --- a/service/opsworkscm/endpoints.go +++ b/service/opsworkscm/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/opsworkscm/options.go b/service/opsworkscm/options.go index 9b8bd88c487..e70c2ac0ffb 100644 --- a/service/opsworkscm/options.go +++ b/service/opsworkscm/options.go @@ -5,7 +5,6 @@ package opsworkscm import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/organizations/api_client.go b/service/organizations/api_client.go index 2d28391c269..2b38af470ff 100644 --- a/service/organizations/api_client.go +++ b/service/organizations/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/organizations/auth.go b/service/organizations/auth.go index 45aa78aeb43..3e8a26568c4 100644 --- a/service/organizations/auth.go +++ b/service/organizations/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/organizations/endpoints.go b/service/organizations/endpoints.go index 8b544b39956..7058ea37e41 100644 --- a/service/organizations/endpoints.go +++ b/service/organizations/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -611,7 +610,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -640,9 +639,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -653,7 +649,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/organizations/options.go b/service/organizations/options.go index a169e11b4ff..ba05eb89a41 100644 --- a/service/organizations/options.go +++ b/service/organizations/options.go @@ -5,7 +5,6 @@ package organizations import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/osis/api_client.go b/service/osis/api_client.go index b85f83c327b..fc33b2be48f 100644 --- a/service/osis/api_client.go +++ b/service/osis/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/osis/auth.go b/service/osis/auth.go index 2accdf263cd..15025142c33 100644 --- a/service/osis/auth.go +++ b/service/osis/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/osis/endpoints.go b/service/osis/endpoints.go index df063bf9d55..9f21c59c17f 100644 --- a/service/osis/endpoints.go +++ b/service/osis/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/osis/options.go b/service/osis/options.go index f66e43d6231..467d937e6f0 100644 --- a/service/osis/options.go +++ b/service/osis/options.go @@ -5,7 +5,6 @@ package osis import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/outposts/api_client.go b/service/outposts/api_client.go index b8848a5aa55..4eb96aeec7c 100644 --- a/service/outposts/api_client.go +++ b/service/outposts/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/outposts/auth.go b/service/outposts/auth.go index 832dab1dcc7..2cba6d3a70b 100644 --- a/service/outposts/auth.go +++ b/service/outposts/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/outposts/endpoints.go b/service/outposts/endpoints.go index 60dd99168cc..3d87302dc9c 100644 --- a/service/outposts/endpoints.go +++ b/service/outposts/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -459,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,9 +487,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -501,7 +497,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/outposts/options.go b/service/outposts/options.go index 6e799eb4b7a..5c4fa3244f0 100644 --- a/service/outposts/options.go +++ b/service/outposts/options.go @@ -5,7 +5,6 @@ package outposts import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/panorama/api_client.go b/service/panorama/api_client.go index fcc812ef387..857bfb1c2c0 100644 --- a/service/panorama/api_client.go +++ b/service/panorama/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/panorama/auth.go b/service/panorama/auth.go index 9ebcb6cd953..408dba51cdd 100644 --- a/service/panorama/auth.go +++ b/service/panorama/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/panorama/endpoints.go b/service/panorama/endpoints.go index 8904a6742ec..3d248780660 100644 --- a/service/panorama/endpoints.go +++ b/service/panorama/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/panorama/options.go b/service/panorama/options.go index f921bf1c432..7586bafeb49 100644 --- a/service/panorama/options.go +++ b/service/panorama/options.go @@ -5,7 +5,6 @@ package panorama import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/paymentcryptography/api_client.go b/service/paymentcryptography/api_client.go index ccceec5ce29..3dbb67e916a 100644 --- a/service/paymentcryptography/api_client.go +++ b/service/paymentcryptography/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/paymentcryptography/auth.go b/service/paymentcryptography/auth.go index 87187487990..9ff3271eb22 100644 --- a/service/paymentcryptography/auth.go +++ b/service/paymentcryptography/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/paymentcryptography/endpoints.go b/service/paymentcryptography/endpoints.go index 6aafd3d06a5..5f44216663f 100644 --- a/service/paymentcryptography/endpoints.go +++ b/service/paymentcryptography/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/paymentcryptography/options.go b/service/paymentcryptography/options.go index 90e10272f51..af359cb2b43 100644 --- a/service/paymentcryptography/options.go +++ b/service/paymentcryptography/options.go @@ -5,7 +5,6 @@ package paymentcryptography import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/paymentcryptographydata/api_client.go b/service/paymentcryptographydata/api_client.go index c0026af0ce8..5241f23ee7e 100644 --- a/service/paymentcryptographydata/api_client.go +++ b/service/paymentcryptographydata/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/paymentcryptographydata/auth.go b/service/paymentcryptographydata/auth.go index f2e99947ff1..750fa36ea67 100644 --- a/service/paymentcryptographydata/auth.go +++ b/service/paymentcryptographydata/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/paymentcryptographydata/endpoints.go b/service/paymentcryptographydata/endpoints.go index 5a937614ffc..9245cc59e8d 100644 --- a/service/paymentcryptographydata/endpoints.go +++ b/service/paymentcryptographydata/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/paymentcryptographydata/options.go b/service/paymentcryptographydata/options.go index 592c6936bc7..3eda695222a 100644 --- a/service/paymentcryptographydata/options.go +++ b/service/paymentcryptographydata/options.go @@ -5,7 +5,6 @@ package paymentcryptographydata import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/pcaconnectorad/api_client.go b/service/pcaconnectorad/api_client.go index 0e0f32a5f19..94ab171e0a0 100644 --- a/service/pcaconnectorad/api_client.go +++ b/service/pcaconnectorad/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/pcaconnectorad/auth.go b/service/pcaconnectorad/auth.go index 63e64e09968..b30abfba5ae 100644 --- a/service/pcaconnectorad/auth.go +++ b/service/pcaconnectorad/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/pcaconnectorad/endpoints.go b/service/pcaconnectorad/endpoints.go index 3d6148285c4..8e87d64050b 100644 --- a/service/pcaconnectorad/endpoints.go +++ b/service/pcaconnectorad/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/pcaconnectorad/options.go b/service/pcaconnectorad/options.go index 10b97be0f66..083818f4014 100644 --- a/service/pcaconnectorad/options.go +++ b/service/pcaconnectorad/options.go @@ -5,7 +5,6 @@ package pcaconnectorad import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/personalize/api_client.go b/service/personalize/api_client.go index b9a97427480..aba4b45a56f 100644 --- a/service/personalize/api_client.go +++ b/service/personalize/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/personalize/auth.go b/service/personalize/auth.go index ce84eaebc5f..8ef02ff21d2 100644 --- a/service/personalize/auth.go +++ b/service/personalize/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/personalize/endpoints.go b/service/personalize/endpoints.go index 9c3153f6b58..2d3323230e1 100644 --- a/service/personalize/endpoints.go +++ b/service/personalize/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/personalize/options.go b/service/personalize/options.go index fe2fc36d3f2..7ae259d20af 100644 --- a/service/personalize/options.go +++ b/service/personalize/options.go @@ -5,7 +5,6 @@ package personalize import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/personalizeevents/api_client.go b/service/personalizeevents/api_client.go index ead017884bb..d6db4f36812 100644 --- a/service/personalizeevents/api_client.go +++ b/service/personalizeevents/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/personalizeevents/auth.go b/service/personalizeevents/auth.go index 18dceb4d22e..ed002654aba 100644 --- a/service/personalizeevents/auth.go +++ b/service/personalizeevents/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/personalizeevents/endpoints.go b/service/personalizeevents/endpoints.go index 18515407aec..0216545c14b 100644 --- a/service/personalizeevents/endpoints.go +++ b/service/personalizeevents/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/personalizeevents/options.go b/service/personalizeevents/options.go index 5454942d853..55912cfdb51 100644 --- a/service/personalizeevents/options.go +++ b/service/personalizeevents/options.go @@ -5,7 +5,6 @@ package personalizeevents import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/personalizeruntime/api_client.go b/service/personalizeruntime/api_client.go index c6c439f7e44..fee4e90dd44 100644 --- a/service/personalizeruntime/api_client.go +++ b/service/personalizeruntime/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/personalizeruntime/auth.go b/service/personalizeruntime/auth.go index 800b70d7cfb..2471a19d0ec 100644 --- a/service/personalizeruntime/auth.go +++ b/service/personalizeruntime/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/personalizeruntime/endpoints.go b/service/personalizeruntime/endpoints.go index 38d680fea91..4eb89fe9345 100644 --- a/service/personalizeruntime/endpoints.go +++ b/service/personalizeruntime/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/personalizeruntime/options.go b/service/personalizeruntime/options.go index 8a341b29485..2151d25767a 100644 --- a/service/personalizeruntime/options.go +++ b/service/personalizeruntime/options.go @@ -5,7 +5,6 @@ package personalizeruntime import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/pi/api_client.go b/service/pi/api_client.go index 623b9c63352..9be04518dcd 100644 --- a/service/pi/api_client.go +++ b/service/pi/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/pi/auth.go b/service/pi/auth.go index 408d8f0d992..e591b8ec95a 100644 --- a/service/pi/auth.go +++ b/service/pi/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/pi/endpoints.go b/service/pi/endpoints.go index 3a03d961881..75a57d1cd7a 100644 --- a/service/pi/endpoints.go +++ b/service/pi/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/pi/options.go b/service/pi/options.go index b86f4371be2..45e4e44cfc3 100644 --- a/service/pi/options.go +++ b/service/pi/options.go @@ -5,7 +5,6 @@ package pi import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/pinpoint/api_client.go b/service/pinpoint/api_client.go index fbd12003ce9..8b9d2324a1c 100644 --- a/service/pinpoint/api_client.go +++ b/service/pinpoint/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/pinpoint/auth.go b/service/pinpoint/auth.go index 513e58da22a..0a48a980aa8 100644 --- a/service/pinpoint/auth.go +++ b/service/pinpoint/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/pinpoint/endpoints.go b/service/pinpoint/endpoints.go index 6bba7dce9dc..a3852da6ead 100644 --- a/service/pinpoint/endpoints.go +++ b/service/pinpoint/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -517,7 +516,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -546,9 +545,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -559,7 +555,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/pinpoint/options.go b/service/pinpoint/options.go index 923d97158d7..8637dc98f5e 100644 --- a/service/pinpoint/options.go +++ b/service/pinpoint/options.go @@ -5,7 +5,6 @@ package pinpoint import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/pinpointemail/api_client.go b/service/pinpointemail/api_client.go index e71cb38fc11..4f40eaa3cf2 100644 --- a/service/pinpointemail/api_client.go +++ b/service/pinpointemail/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/pinpointemail/auth.go b/service/pinpointemail/auth.go index 4e54b265a6d..2a4d0ab93ce 100644 --- a/service/pinpointemail/auth.go +++ b/service/pinpointemail/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/pinpointemail/endpoints.go b/service/pinpointemail/endpoints.go index bec611a8b6f..ee2e52641f3 100644 --- a/service/pinpointemail/endpoints.go +++ b/service/pinpointemail/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/pinpointemail/options.go b/service/pinpointemail/options.go index 687fb2baac5..a6031918084 100644 --- a/service/pinpointemail/options.go +++ b/service/pinpointemail/options.go @@ -5,7 +5,6 @@ package pinpointemail import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/pinpointsmsvoice/api_client.go b/service/pinpointsmsvoice/api_client.go index ad2e77804f4..10c941de73d 100644 --- a/service/pinpointsmsvoice/api_client.go +++ b/service/pinpointsmsvoice/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/pinpointsmsvoice/auth.go b/service/pinpointsmsvoice/auth.go index 5a6c4693fe6..4b0847e23e0 100644 --- a/service/pinpointsmsvoice/auth.go +++ b/service/pinpointsmsvoice/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/pinpointsmsvoice/endpoints.go b/service/pinpointsmsvoice/endpoints.go index 9ab715e792f..ff94c4d51a0 100644 --- a/service/pinpointsmsvoice/endpoints.go +++ b/service/pinpointsmsvoice/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/pinpointsmsvoice/options.go b/service/pinpointsmsvoice/options.go index 4bf074d7c10..a0f22871ffa 100644 --- a/service/pinpointsmsvoice/options.go +++ b/service/pinpointsmsvoice/options.go @@ -5,7 +5,6 @@ package pinpointsmsvoice import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/pinpointsmsvoicev2/api_client.go b/service/pinpointsmsvoicev2/api_client.go index 3d7cf8a1c1c..123dab90690 100644 --- a/service/pinpointsmsvoicev2/api_client.go +++ b/service/pinpointsmsvoicev2/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/pinpointsmsvoicev2/auth.go b/service/pinpointsmsvoicev2/auth.go index 79f61363b06..c5d979e30c8 100644 --- a/service/pinpointsmsvoicev2/auth.go +++ b/service/pinpointsmsvoicev2/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/pinpointsmsvoicev2/endpoints.go b/service/pinpointsmsvoicev2/endpoints.go index 7f3977cc3f8..b2fd8232da9 100644 --- a/service/pinpointsmsvoicev2/endpoints.go +++ b/service/pinpointsmsvoicev2/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/pinpointsmsvoicev2/options.go b/service/pinpointsmsvoicev2/options.go index 4d4f0e0e534..48eb5cd75c2 100644 --- a/service/pinpointsmsvoicev2/options.go +++ b/service/pinpointsmsvoicev2/options.go @@ -5,7 +5,6 @@ package pinpointsmsvoicev2 import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/pipes/api_client.go b/service/pipes/api_client.go index eb81aa2ff71..c9e2b00ac33 100644 --- a/service/pipes/api_client.go +++ b/service/pipes/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/pipes/auth.go b/service/pipes/auth.go index 47a9979dcf9..15a361df493 100644 --- a/service/pipes/auth.go +++ b/service/pipes/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/pipes/endpoints.go b/service/pipes/endpoints.go index 667ad6cb324..0e2dcb747f6 100644 --- a/service/pipes/endpoints.go +++ b/service/pipes/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/pipes/options.go b/service/pipes/options.go index 6e88eac4cc1..f3d862a64b0 100644 --- a/service/pipes/options.go +++ b/service/pipes/options.go @@ -5,7 +5,6 @@ package pipes import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/polly/api_client.go b/service/polly/api_client.go index e973a3a71bc..f86584d8794 100644 --- a/service/polly/api_client.go +++ b/service/polly/api_client.go @@ -232,16 +232,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/polly/auth.go b/service/polly/auth.go index 2e2befe1d79..ec4a0e8f072 100644 --- a/service/polly/auth.go +++ b/service/polly/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/polly/endpoints.go b/service/polly/endpoints.go index b4d7d4f0168..60f48afbff6 100644 --- a/service/polly/endpoints.go +++ b/service/polly/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/polly/options.go b/service/polly/options.go index d5275ff8f8a..0941ae37fe2 100644 --- a/service/polly/options.go +++ b/service/polly/options.go @@ -5,7 +5,6 @@ package polly import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/pricing/api_client.go b/service/pricing/api_client.go index 4dbf628c7da..3185fe07dbd 100644 --- a/service/pricing/api_client.go +++ b/service/pricing/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/pricing/auth.go b/service/pricing/auth.go index 5a0d4742cf9..dcc7845c983 100644 --- a/service/pricing/auth.go +++ b/service/pricing/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/pricing/endpoints.go b/service/pricing/endpoints.go index 063081661ab..c642b5d94b8 100644 --- a/service/pricing/endpoints.go +++ b/service/pricing/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -459,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,9 +487,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -501,7 +497,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/pricing/options.go b/service/pricing/options.go index fb57deb4971..75cf87de816 100644 --- a/service/pricing/options.go +++ b/service/pricing/options.go @@ -5,7 +5,6 @@ package pricing import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/privatenetworks/api_client.go b/service/privatenetworks/api_client.go index 6ad053cd023..a3ea5b4b90a 100644 --- a/service/privatenetworks/api_client.go +++ b/service/privatenetworks/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/privatenetworks/auth.go b/service/privatenetworks/auth.go index 48d59b5a0fe..3fad0959e16 100644 --- a/service/privatenetworks/auth.go +++ b/service/privatenetworks/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/privatenetworks/endpoints.go b/service/privatenetworks/endpoints.go index d86e0beed46..f1ce79453b0 100644 --- a/service/privatenetworks/endpoints.go +++ b/service/privatenetworks/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/privatenetworks/options.go b/service/privatenetworks/options.go index 48bc6861a14..e48aa49665e 100644 --- a/service/privatenetworks/options.go +++ b/service/privatenetworks/options.go @@ -5,7 +5,6 @@ package privatenetworks import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/proton/api_client.go b/service/proton/api_client.go index 8e4a1093234..437c082b320 100644 --- a/service/proton/api_client.go +++ b/service/proton/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/proton/auth.go b/service/proton/auth.go index aa2179a83f7..1bde7428634 100644 --- a/service/proton/auth.go +++ b/service/proton/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/proton/endpoints.go b/service/proton/endpoints.go index ae4b24f00d2..f626b182268 100644 --- a/service/proton/endpoints.go +++ b/service/proton/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/proton/options.go b/service/proton/options.go index e47360a0915..58fa104099b 100644 --- a/service/proton/options.go +++ b/service/proton/options.go @@ -5,7 +5,6 @@ package proton import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/qbusiness/api_client.go b/service/qbusiness/api_client.go index 9563b25e46d..a949e8d47b9 100644 --- a/service/qbusiness/api_client.go +++ b/service/qbusiness/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/qbusiness/auth.go b/service/qbusiness/auth.go index 7030ea00847..487dc2392d2 100644 --- a/service/qbusiness/auth.go +++ b/service/qbusiness/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/qbusiness/endpoints.go b/service/qbusiness/endpoints.go index 2436d4ef234..eb3d36d677b 100644 --- a/service/qbusiness/endpoints.go +++ b/service/qbusiness/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -412,7 +411,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -440,9 +439,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -453,7 +449,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/qbusiness/options.go b/service/qbusiness/options.go index 4a931de1d23..963714ee904 100644 --- a/service/qbusiness/options.go +++ b/service/qbusiness/options.go @@ -5,7 +5,6 @@ package qbusiness import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/qconnect/api_client.go b/service/qconnect/api_client.go index c3e70353754..824271643ae 100644 --- a/service/qconnect/api_client.go +++ b/service/qconnect/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/qconnect/auth.go b/service/qconnect/auth.go index 9f22946b7f2..34142319821 100644 --- a/service/qconnect/auth.go +++ b/service/qconnect/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/qconnect/endpoints.go b/service/qconnect/endpoints.go index c9ee6bdd274..8a6efd31f04 100644 --- a/service/qconnect/endpoints.go +++ b/service/qconnect/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/qconnect/options.go b/service/qconnect/options.go index 9322dc1c70b..42c2b4fba85 100644 --- a/service/qconnect/options.go +++ b/service/qconnect/options.go @@ -5,7 +5,6 @@ package qconnect import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/qldb/api_client.go b/service/qldb/api_client.go index ce699a1461f..5207dc64109 100644 --- a/service/qldb/api_client.go +++ b/service/qldb/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/qldb/auth.go b/service/qldb/auth.go index 2f0dc7d93d6..eb1a484cd8c 100644 --- a/service/qldb/auth.go +++ b/service/qldb/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/qldb/endpoints.go b/service/qldb/endpoints.go index bc6cef0f9b0..9a9545a41c3 100644 --- a/service/qldb/endpoints.go +++ b/service/qldb/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/qldb/options.go b/service/qldb/options.go index 8c9189a6562..28bc949451c 100644 --- a/service/qldb/options.go +++ b/service/qldb/options.go @@ -5,7 +5,6 @@ package qldb import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/qldbsession/api_client.go b/service/qldbsession/api_client.go index 836ccaaaadd..7338fe6362e 100644 --- a/service/qldbsession/api_client.go +++ b/service/qldbsession/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/qldbsession/auth.go b/service/qldbsession/auth.go index 9c0a203c297..051dc62b032 100644 --- a/service/qldbsession/auth.go +++ b/service/qldbsession/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/qldbsession/endpoints.go b/service/qldbsession/endpoints.go index 45b75b63578..14d4440a07b 100644 --- a/service/qldbsession/endpoints.go +++ b/service/qldbsession/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/qldbsession/options.go b/service/qldbsession/options.go index f4f82f6a283..b79b15fb87f 100644 --- a/service/qldbsession/options.go +++ b/service/qldbsession/options.go @@ -5,7 +5,6 @@ package qldbsession import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/quicksight/api_client.go b/service/quicksight/api_client.go index 6d127a7fbee..6cfb1f2a856 100644 --- a/service/quicksight/api_client.go +++ b/service/quicksight/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/quicksight/auth.go b/service/quicksight/auth.go index 84fbc98e1b1..3bbeeff2507 100644 --- a/service/quicksight/auth.go +++ b/service/quicksight/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/quicksight/endpoints.go b/service/quicksight/endpoints.go index 74883183d53..0726df91f51 100644 --- a/service/quicksight/endpoints.go +++ b/service/quicksight/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/quicksight/options.go b/service/quicksight/options.go index b37b4213038..bef20fecb97 100644 --- a/service/quicksight/options.go +++ b/service/quicksight/options.go @@ -5,7 +5,6 @@ package quicksight import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ram/api_client.go b/service/ram/api_client.go index 962e1003701..c93034433b8 100644 --- a/service/ram/api_client.go +++ b/service/ram/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/ram/auth.go b/service/ram/auth.go index d0da6a1eb9e..819418af550 100644 --- a/service/ram/auth.go +++ b/service/ram/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ram/endpoints.go b/service/ram/endpoints.go index 6b053d93fb2..7ea4a9230e1 100644 --- a/service/ram/endpoints.go +++ b/service/ram/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -459,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,9 +487,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -501,7 +497,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ram/options.go b/service/ram/options.go index 9003feb5b85..53cb5ed0457 100644 --- a/service/ram/options.go +++ b/service/ram/options.go @@ -5,7 +5,6 @@ package ram import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/rbin/api_client.go b/service/rbin/api_client.go index baeaa598bf6..ff3b4f9f84e 100644 --- a/service/rbin/api_client.go +++ b/service/rbin/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/rbin/auth.go b/service/rbin/auth.go index 4ad8918f7d4..3c4c5d002c1 100644 --- a/service/rbin/auth.go +++ b/service/rbin/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/rbin/endpoints.go b/service/rbin/endpoints.go index 71b14134b56..98899eb1d78 100644 --- a/service/rbin/endpoints.go +++ b/service/rbin/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/rbin/options.go b/service/rbin/options.go index 5b6c049d53f..8ab81fcf059 100644 --- a/service/rbin/options.go +++ b/service/rbin/options.go @@ -5,7 +5,6 @@ package rbin import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/rds/api_client.go b/service/rds/api_client.go index 1da762b9a13..55dd540d55f 100644 --- a/service/rds/api_client.go +++ b/service/rds/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/rds/auth.go b/service/rds/auth.go index 312c2ab8518..4c1ad1ee8c5 100644 --- a/service/rds/auth.go +++ b/service/rds/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/rds/endpoints.go b/service/rds/endpoints.go index d8ad5d37187..57d8f837382 100644 --- a/service/rds/endpoints.go +++ b/service/rds/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -459,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,9 +487,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -501,7 +497,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/rds/options.go b/service/rds/options.go index 25996f0aebe..f7d3a50892d 100644 --- a/service/rds/options.go +++ b/service/rds/options.go @@ -5,7 +5,6 @@ package rds import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/rdsdata/api_client.go b/service/rdsdata/api_client.go index 0c73de6ed51..50e49aa2645 100644 --- a/service/rdsdata/api_client.go +++ b/service/rdsdata/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/rdsdata/auth.go b/service/rdsdata/auth.go index 4044e112e2a..25e8d40014b 100644 --- a/service/rdsdata/auth.go +++ b/service/rdsdata/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/rdsdata/endpoints.go b/service/rdsdata/endpoints.go index 90f93ce4eb7..b8c5ae9530e 100644 --- a/service/rdsdata/endpoints.go +++ b/service/rdsdata/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/rdsdata/options.go b/service/rdsdata/options.go index 15a6475d635..3d459c5681a 100644 --- a/service/rdsdata/options.go +++ b/service/rdsdata/options.go @@ -5,7 +5,6 @@ package rdsdata import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/redshift/api_client.go b/service/redshift/api_client.go index ae4466bcaad..09c9f3c9c08 100644 --- a/service/redshift/api_client.go +++ b/service/redshift/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/redshift/auth.go b/service/redshift/auth.go index 6a48643a702..3e704fde790 100644 --- a/service/redshift/auth.go +++ b/service/redshift/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/redshift/endpoints.go b/service/redshift/endpoints.go index 1a05559ad72..101b963a813 100644 --- a/service/redshift/endpoints.go +++ b/service/redshift/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -459,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,9 +487,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -501,7 +497,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/redshift/options.go b/service/redshift/options.go index 6aee798f9ad..1131fd4e7ff 100644 --- a/service/redshift/options.go +++ b/service/redshift/options.go @@ -5,7 +5,6 @@ package redshift import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/redshiftdata/api_client.go b/service/redshiftdata/api_client.go index f7cbb1a363f..945d89a5e2b 100644 --- a/service/redshiftdata/api_client.go +++ b/service/redshiftdata/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/redshiftdata/auth.go b/service/redshiftdata/auth.go index aafd1346e97..3d8523b426c 100644 --- a/service/redshiftdata/auth.go +++ b/service/redshiftdata/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/redshiftdata/endpoints.go b/service/redshiftdata/endpoints.go index cd4ce03457c..8c5b1013212 100644 --- a/service/redshiftdata/endpoints.go +++ b/service/redshiftdata/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/redshiftdata/options.go b/service/redshiftdata/options.go index 7ad41c37d1e..75274d1da99 100644 --- a/service/redshiftdata/options.go +++ b/service/redshiftdata/options.go @@ -5,7 +5,6 @@ package redshiftdata import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/redshiftserverless/api_client.go b/service/redshiftserverless/api_client.go index 5ecff2f736f..29267f3a8b1 100644 --- a/service/redshiftserverless/api_client.go +++ b/service/redshiftserverless/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/redshiftserverless/auth.go b/service/redshiftserverless/auth.go index 325442f0664..9954df495ea 100644 --- a/service/redshiftserverless/auth.go +++ b/service/redshiftserverless/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/redshiftserverless/endpoints.go b/service/redshiftserverless/endpoints.go index db064875d28..8f48b3824f9 100644 --- a/service/redshiftserverless/endpoints.go +++ b/service/redshiftserverless/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/redshiftserverless/options.go b/service/redshiftserverless/options.go index 4fa06787233..3037bef5056 100644 --- a/service/redshiftserverless/options.go +++ b/service/redshiftserverless/options.go @@ -5,7 +5,6 @@ package redshiftserverless import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/rekognition/api_client.go b/service/rekognition/api_client.go index 26107199335..07aa39ac796 100644 --- a/service/rekognition/api_client.go +++ b/service/rekognition/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/rekognition/auth.go b/service/rekognition/auth.go index 80220cbbc2f..31124e531a1 100644 --- a/service/rekognition/auth.go +++ b/service/rekognition/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/rekognition/endpoints.go b/service/rekognition/endpoints.go index e7601919768..40058c8a536 100644 --- a/service/rekognition/endpoints.go +++ b/service/rekognition/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/rekognition/options.go b/service/rekognition/options.go index 0aa5d880b38..98ebd9c8f26 100644 --- a/service/rekognition/options.go +++ b/service/rekognition/options.go @@ -5,7 +5,6 @@ package rekognition import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/repostspace/api_client.go b/service/repostspace/api_client.go index e8827af4f2d..f90bf60f41f 100644 --- a/service/repostspace/api_client.go +++ b/service/repostspace/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/repostspace/auth.go b/service/repostspace/auth.go index 3ffa77ecfa1..9660a59141c 100644 --- a/service/repostspace/auth.go +++ b/service/repostspace/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/repostspace/endpoints.go b/service/repostspace/endpoints.go index 3467e14df03..c25dabc510e 100644 --- a/service/repostspace/endpoints.go +++ b/service/repostspace/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/repostspace/options.go b/service/repostspace/options.go index 38d92f9ea9e..0370fd9d196 100644 --- a/service/repostspace/options.go +++ b/service/repostspace/options.go @@ -5,7 +5,6 @@ package repostspace import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/resiliencehub/api_client.go b/service/resiliencehub/api_client.go index abac686b53f..4717d710047 100644 --- a/service/resiliencehub/api_client.go +++ b/service/resiliencehub/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/resiliencehub/auth.go b/service/resiliencehub/auth.go index 9707369b4de..70128c734f3 100644 --- a/service/resiliencehub/auth.go +++ b/service/resiliencehub/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/resiliencehub/endpoints.go b/service/resiliencehub/endpoints.go index 407d17ef718..585831e6b20 100644 --- a/service/resiliencehub/endpoints.go +++ b/service/resiliencehub/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/resiliencehub/options.go b/service/resiliencehub/options.go index 45d0895270a..0f88fcee0b4 100644 --- a/service/resiliencehub/options.go +++ b/service/resiliencehub/options.go @@ -5,7 +5,6 @@ package resiliencehub import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/resourceexplorer2/api_client.go b/service/resourceexplorer2/api_client.go index 9466e21ff12..1bcf778b426 100644 --- a/service/resourceexplorer2/api_client.go +++ b/service/resourceexplorer2/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/resourceexplorer2/auth.go b/service/resourceexplorer2/auth.go index bcfec2a73d7..0444437656d 100644 --- a/service/resourceexplorer2/auth.go +++ b/service/resourceexplorer2/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/resourceexplorer2/endpoints.go b/service/resourceexplorer2/endpoints.go index 0be14bf63e3..da20bbf70f5 100644 --- a/service/resourceexplorer2/endpoints.go +++ b/service/resourceexplorer2/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -412,7 +411,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -440,9 +439,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -453,7 +449,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/resourceexplorer2/options.go b/service/resourceexplorer2/options.go index 8290b24dccd..a5bab79f58d 100644 --- a/service/resourceexplorer2/options.go +++ b/service/resourceexplorer2/options.go @@ -5,7 +5,6 @@ package resourceexplorer2 import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/resourcegroups/api_client.go b/service/resourcegroups/api_client.go index 8faa4aabe63..481293664ec 100644 --- a/service/resourcegroups/api_client.go +++ b/service/resourcegroups/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/resourcegroups/auth.go b/service/resourcegroups/auth.go index 1c4c6c5f239..d769c10e82a 100644 --- a/service/resourcegroups/auth.go +++ b/service/resourcegroups/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/resourcegroups/endpoints.go b/service/resourcegroups/endpoints.go index 4be3df22850..a14bcd9f9d1 100644 --- a/service/resourcegroups/endpoints.go +++ b/service/resourcegroups/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -459,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,9 +487,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -501,7 +497,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/resourcegroups/options.go b/service/resourcegroups/options.go index 397824752be..c941e8dd7f8 100644 --- a/service/resourcegroups/options.go +++ b/service/resourcegroups/options.go @@ -5,7 +5,6 @@ package resourcegroups import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/resourcegroupstaggingapi/api_client.go b/service/resourcegroupstaggingapi/api_client.go index 9bdec89658a..6f8349a91c0 100644 --- a/service/resourcegroupstaggingapi/api_client.go +++ b/service/resourcegroupstaggingapi/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/resourcegroupstaggingapi/auth.go b/service/resourcegroupstaggingapi/auth.go index 9a0f9cd3fc5..a858c9c565c 100644 --- a/service/resourcegroupstaggingapi/auth.go +++ b/service/resourcegroupstaggingapi/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/resourcegroupstaggingapi/endpoints.go b/service/resourcegroupstaggingapi/endpoints.go index 6a32dc64fa9..b91b084c9bb 100644 --- a/service/resourcegroupstaggingapi/endpoints.go +++ b/service/resourcegroupstaggingapi/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/resourcegroupstaggingapi/options.go b/service/resourcegroupstaggingapi/options.go index dba71e600e1..247ed084c7c 100644 --- a/service/resourcegroupstaggingapi/options.go +++ b/service/resourcegroupstaggingapi/options.go @@ -5,7 +5,6 @@ package resourcegroupstaggingapi import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/robomaker/api_client.go b/service/robomaker/api_client.go index b907c00ec30..2371a8790e0 100644 --- a/service/robomaker/api_client.go +++ b/service/robomaker/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/robomaker/auth.go b/service/robomaker/auth.go index 5b14cf5013a..b12a0f982bb 100644 --- a/service/robomaker/auth.go +++ b/service/robomaker/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/robomaker/endpoints.go b/service/robomaker/endpoints.go index aa6096d886c..6de26356d85 100644 --- a/service/robomaker/endpoints.go +++ b/service/robomaker/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/robomaker/options.go b/service/robomaker/options.go index 5a912faf619..929dc42ba7b 100644 --- a/service/robomaker/options.go +++ b/service/robomaker/options.go @@ -5,7 +5,6 @@ package robomaker import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/rolesanywhere/api_client.go b/service/rolesanywhere/api_client.go index a51878e39c3..afc78e0d1cd 100644 --- a/service/rolesanywhere/api_client.go +++ b/service/rolesanywhere/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/rolesanywhere/auth.go b/service/rolesanywhere/auth.go index c346a630020..dad98f4e241 100644 --- a/service/rolesanywhere/auth.go +++ b/service/rolesanywhere/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/rolesanywhere/endpoints.go b/service/rolesanywhere/endpoints.go index 74d61f1c646..6478bb68ed2 100644 --- a/service/rolesanywhere/endpoints.go +++ b/service/rolesanywhere/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/rolesanywhere/options.go b/service/rolesanywhere/options.go index 18ae1df1434..d7e99288833 100644 --- a/service/rolesanywhere/options.go +++ b/service/rolesanywhere/options.go @@ -5,7 +5,6 @@ package rolesanywhere import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/route53/api_client.go b/service/route53/api_client.go index 0bc1ac79603..c12337dedf6 100644 --- a/service/route53/api_client.go +++ b/service/route53/api_client.go @@ -231,16 +231,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/route53/auth.go b/service/route53/auth.go index f6d1e839309..5e979833419 100644 --- a/service/route53/auth.go +++ b/service/route53/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/route53/endpoints.go b/service/route53/endpoints.go index 3abf61a5307..a2ef865a644 100644 --- a/service/route53/endpoints.go +++ b/service/route53/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -747,7 +746,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -776,9 +775,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -789,7 +785,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/route53/options.go b/service/route53/options.go index 0b7dd406cf9..98b428f625c 100644 --- a/service/route53/options.go +++ b/service/route53/options.go @@ -5,7 +5,6 @@ package route53 import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/route53domains/api_client.go b/service/route53domains/api_client.go index 7e7d34d4c7e..72a5fa25f78 100644 --- a/service/route53domains/api_client.go +++ b/service/route53domains/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/route53domains/auth.go b/service/route53domains/auth.go index 9d568517a95..51085fdccd6 100644 --- a/service/route53domains/auth.go +++ b/service/route53domains/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/route53domains/endpoints.go b/service/route53domains/endpoints.go index 3e70fb638d1..460616063b4 100644 --- a/service/route53domains/endpoints.go +++ b/service/route53domains/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/route53domains/options.go b/service/route53domains/options.go index 778f5153fc4..a80c0cce1f4 100644 --- a/service/route53domains/options.go +++ b/service/route53domains/options.go @@ -5,7 +5,6 @@ package route53domains import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/route53recoverycluster/api_client.go b/service/route53recoverycluster/api_client.go index 29b6592bd0c..b38e349ab56 100644 --- a/service/route53recoverycluster/api_client.go +++ b/service/route53recoverycluster/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/route53recoverycluster/auth.go b/service/route53recoverycluster/auth.go index 98b43c2d6ba..0bf77bf7bb3 100644 --- a/service/route53recoverycluster/auth.go +++ b/service/route53recoverycluster/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/route53recoverycluster/endpoints.go b/service/route53recoverycluster/endpoints.go index fd777dbd229..74dd38eea35 100644 --- a/service/route53recoverycluster/endpoints.go +++ b/service/route53recoverycluster/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/route53recoverycluster/options.go b/service/route53recoverycluster/options.go index 3eb1fcb956e..dbb94a43fca 100644 --- a/service/route53recoverycluster/options.go +++ b/service/route53recoverycluster/options.go @@ -5,7 +5,6 @@ package route53recoverycluster import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/route53recoverycontrolconfig/api_client.go b/service/route53recoverycontrolconfig/api_client.go index a537c78bcc9..512d34923c9 100644 --- a/service/route53recoverycontrolconfig/api_client.go +++ b/service/route53recoverycontrolconfig/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/route53recoverycontrolconfig/auth.go b/service/route53recoverycontrolconfig/auth.go index 2e1de253377..78f797148e4 100644 --- a/service/route53recoverycontrolconfig/auth.go +++ b/service/route53recoverycontrolconfig/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/route53recoverycontrolconfig/endpoints.go b/service/route53recoverycontrolconfig/endpoints.go index 54522f4aa5c..2c38462bba4 100644 --- a/service/route53recoverycontrolconfig/endpoints.go +++ b/service/route53recoverycontrolconfig/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -471,7 +470,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -500,9 +499,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -513,7 +509,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/route53recoverycontrolconfig/options.go b/service/route53recoverycontrolconfig/options.go index 56763e9b190..91ab9e43013 100644 --- a/service/route53recoverycontrolconfig/options.go +++ b/service/route53recoverycontrolconfig/options.go @@ -5,7 +5,6 @@ package route53recoverycontrolconfig import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/route53recoveryreadiness/api_client.go b/service/route53recoveryreadiness/api_client.go index e959643ca75..b6b83463212 100644 --- a/service/route53recoveryreadiness/api_client.go +++ b/service/route53recoveryreadiness/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/route53recoveryreadiness/auth.go b/service/route53recoveryreadiness/auth.go index 96ce75888a2..b2f574252b9 100644 --- a/service/route53recoveryreadiness/auth.go +++ b/service/route53recoveryreadiness/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/route53recoveryreadiness/endpoints.go b/service/route53recoveryreadiness/endpoints.go index 707869e80d1..bf40d332253 100644 --- a/service/route53recoveryreadiness/endpoints.go +++ b/service/route53recoveryreadiness/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/route53recoveryreadiness/options.go b/service/route53recoveryreadiness/options.go index 0af7b8b917e..6c7b56f881b 100644 --- a/service/route53recoveryreadiness/options.go +++ b/service/route53recoveryreadiness/options.go @@ -5,7 +5,6 @@ package route53recoveryreadiness import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/route53resolver/api_client.go b/service/route53resolver/api_client.go index 979ec2c9602..3c2bb21077c 100644 --- a/service/route53resolver/api_client.go +++ b/service/route53resolver/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/route53resolver/auth.go b/service/route53resolver/auth.go index 01b8af398f3..b3fd292116d 100644 --- a/service/route53resolver/auth.go +++ b/service/route53resolver/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/route53resolver/endpoints.go b/service/route53resolver/endpoints.go index 7b70b654db6..5681279e1de 100644 --- a/service/route53resolver/endpoints.go +++ b/service/route53resolver/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -466,7 +465,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -495,9 +494,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -508,7 +504,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/route53resolver/options.go b/service/route53resolver/options.go index 02312e68a71..3b99e8080c6 100644 --- a/service/route53resolver/options.go +++ b/service/route53resolver/options.go @@ -5,7 +5,6 @@ package route53resolver import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/rum/api_client.go b/service/rum/api_client.go index 1b2a60cb7d1..03528c761a3 100644 --- a/service/rum/api_client.go +++ b/service/rum/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/rum/auth.go b/service/rum/auth.go index 7c3bed5ed5a..e0e89deba63 100644 --- a/service/rum/auth.go +++ b/service/rum/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/rum/endpoints.go b/service/rum/endpoints.go index e6060af6376..d7c21fb025a 100644 --- a/service/rum/endpoints.go +++ b/service/rum/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/rum/options.go b/service/rum/options.go index a4bafb3e0fe..707f7f1ad3f 100644 --- a/service/rum/options.go +++ b/service/rum/options.go @@ -5,7 +5,6 @@ package rum import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/s3/api_client.go b/service/s3/api_client.go index 82a7204d3e4..5e5f27b2d72 100644 --- a/service/s3/api_client.go +++ b/service/s3/api_client.go @@ -263,16 +263,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/s3/auth.go b/service/s3/auth.go index d8d71d1fe7f..6ef631bd380 100644 --- a/service/s3/auth.go +++ b/service/s3/auth.go @@ -12,12 +12,12 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } -func bindAuthEndpointParams(params *AuthResolverParameters, input interface{}, options Options, ctx context.Context) { - params.endpointParams = bindEndpointParams(input, options, ctx) +func bindAuthEndpointParams(params *AuthResolverParameters, input interface{}, options Options) { + params.endpointParams = bindEndpointParams(input, options) } type setLegacyContextSigningOptionsMiddleware struct { @@ -98,13 +98,13 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthEndpointParams(params, input, options, ctx) - bindAuthParamsRegion(params, input, options, ctx) + bindAuthEndpointParams(params, input, options) + bindAuthParamsRegion(params, input, options) return params } @@ -179,7 +179,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/s3/endpoints.go b/service/s3/endpoints.go index 7aba6790cdf..a1f2e36d63a 100644 --- a/service/s3/endpoints.go +++ b/service/s3/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalcontext "github.com/aws/aws-sdk-go-v2/internal/context" @@ -5666,7 +5665,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -5701,9 +5700,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -5714,7 +5710,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/s3/options.go b/service/s3/options.go index a36918e0187..064bcefb4fd 100644 --- a/service/s3/options.go +++ b/service/s3/options.go @@ -6,7 +6,6 @@ import ( "context" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" "github.com/aws/aws-sdk-go-v2/internal/v4a" @@ -28,9 +27,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/s3control/api_client.go b/service/s3control/api_client.go index ec156abced8..58b298312e3 100644 --- a/service/s3control/api_client.go +++ b/service/s3control/api_client.go @@ -235,16 +235,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/s3control/auth.go b/service/s3control/auth.go index 303144e78db..4ebc2326ddc 100644 --- a/service/s3control/auth.go +++ b/service/s3control/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/s3control/endpoints.go b/service/s3control/endpoints.go index f82f044e333..0afd9ee4828 100644 --- a/service/s3control/endpoints.go +++ b/service/s3control/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -1622,7 +1621,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -1652,9 +1651,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -1665,7 +1661,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/s3control/options.go b/service/s3control/options.go index 12b8e5e42aa..a27e36c85e4 100644 --- a/service/s3control/options.go +++ b/service/s3control/options.go @@ -5,7 +5,6 @@ package s3control import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/s3outposts/api_client.go b/service/s3outposts/api_client.go index 66584252106..b0210afa4b7 100644 --- a/service/s3outposts/api_client.go +++ b/service/s3outposts/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/s3outposts/auth.go b/service/s3outposts/auth.go index 66fcb613753..0c4514c575b 100644 --- a/service/s3outposts/auth.go +++ b/service/s3outposts/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/s3outposts/endpoints.go b/service/s3outposts/endpoints.go index de7f759c17b..0553535aecc 100644 --- a/service/s3outposts/endpoints.go +++ b/service/s3outposts/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/s3outposts/options.go b/service/s3outposts/options.go index 1c59cb4afc8..329de7d3ebb 100644 --- a/service/s3outposts/options.go +++ b/service/s3outposts/options.go @@ -5,7 +5,6 @@ package s3outposts import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/sagemaker/api_client.go b/service/sagemaker/api_client.go index 0d63a8ce33a..c6c441c2f07 100644 --- a/service/sagemaker/api_client.go +++ b/service/sagemaker/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/sagemaker/auth.go b/service/sagemaker/auth.go index e844c21e46b..e7150ad0cd5 100644 --- a/service/sagemaker/auth.go +++ b/service/sagemaker/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/sagemaker/endpoints.go b/service/sagemaker/endpoints.go index 760c273cdb0..4813a1a6345 100644 --- a/service/sagemaker/endpoints.go +++ b/service/sagemaker/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -478,7 +477,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -507,9 +506,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -520,7 +516,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/sagemaker/options.go b/service/sagemaker/options.go index 08072d24989..f34cfbc1e73 100644 --- a/service/sagemaker/options.go +++ b/service/sagemaker/options.go @@ -5,7 +5,6 @@ package sagemaker import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/sagemakera2iruntime/api_client.go b/service/sagemakera2iruntime/api_client.go index 49e676021bd..dbd9f06bd49 100644 --- a/service/sagemakera2iruntime/api_client.go +++ b/service/sagemakera2iruntime/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/sagemakera2iruntime/auth.go b/service/sagemakera2iruntime/auth.go index 70cb8e589ed..fec11b17c5e 100644 --- a/service/sagemakera2iruntime/auth.go +++ b/service/sagemakera2iruntime/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/sagemakera2iruntime/endpoints.go b/service/sagemakera2iruntime/endpoints.go index 2ae6e0cf387..629cc683a74 100644 --- a/service/sagemakera2iruntime/endpoints.go +++ b/service/sagemakera2iruntime/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/sagemakera2iruntime/options.go b/service/sagemakera2iruntime/options.go index 35f0c6a1e49..99b41f4717e 100644 --- a/service/sagemakera2iruntime/options.go +++ b/service/sagemakera2iruntime/options.go @@ -5,7 +5,6 @@ package sagemakera2iruntime import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/sagemakeredge/api_client.go b/service/sagemakeredge/api_client.go index 334f7775529..53d9a9ae983 100644 --- a/service/sagemakeredge/api_client.go +++ b/service/sagemakeredge/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/sagemakeredge/auth.go b/service/sagemakeredge/auth.go index ada31d99dc7..9c4e8e7e115 100644 --- a/service/sagemakeredge/auth.go +++ b/service/sagemakeredge/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/sagemakeredge/endpoints.go b/service/sagemakeredge/endpoints.go index 6883a45b8af..3d2aa5c1826 100644 --- a/service/sagemakeredge/endpoints.go +++ b/service/sagemakeredge/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/sagemakeredge/options.go b/service/sagemakeredge/options.go index 25cb919f19b..91509de4fe0 100644 --- a/service/sagemakeredge/options.go +++ b/service/sagemakeredge/options.go @@ -5,7 +5,6 @@ package sagemakeredge import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/sagemakerfeaturestoreruntime/api_client.go b/service/sagemakerfeaturestoreruntime/api_client.go index fc40efeeee2..ad3781ce93b 100644 --- a/service/sagemakerfeaturestoreruntime/api_client.go +++ b/service/sagemakerfeaturestoreruntime/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/sagemakerfeaturestoreruntime/auth.go b/service/sagemakerfeaturestoreruntime/auth.go index 2e8ed089bf7..54e82e81895 100644 --- a/service/sagemakerfeaturestoreruntime/auth.go +++ b/service/sagemakerfeaturestoreruntime/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/sagemakerfeaturestoreruntime/endpoints.go b/service/sagemakerfeaturestoreruntime/endpoints.go index 656919116ec..d0ec1a7a46e 100644 --- a/service/sagemakerfeaturestoreruntime/endpoints.go +++ b/service/sagemakerfeaturestoreruntime/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/sagemakerfeaturestoreruntime/options.go b/service/sagemakerfeaturestoreruntime/options.go index 57be78d181b..504b6807183 100644 --- a/service/sagemakerfeaturestoreruntime/options.go +++ b/service/sagemakerfeaturestoreruntime/options.go @@ -5,7 +5,6 @@ package sagemakerfeaturestoreruntime import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/sagemakergeospatial/api_client.go b/service/sagemakergeospatial/api_client.go index ba1abfa6110..b094ba823cb 100644 --- a/service/sagemakergeospatial/api_client.go +++ b/service/sagemakergeospatial/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/sagemakergeospatial/auth.go b/service/sagemakergeospatial/auth.go index 3090acbaac4..331ff4b0d6d 100644 --- a/service/sagemakergeospatial/auth.go +++ b/service/sagemakergeospatial/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/sagemakergeospatial/endpoints.go b/service/sagemakergeospatial/endpoints.go index 75f35500940..04f189f4408 100644 --- a/service/sagemakergeospatial/endpoints.go +++ b/service/sagemakergeospatial/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/sagemakergeospatial/options.go b/service/sagemakergeospatial/options.go index 8dfcdc97fbb..17a4d3a6fa5 100644 --- a/service/sagemakergeospatial/options.go +++ b/service/sagemakergeospatial/options.go @@ -5,7 +5,6 @@ package sagemakergeospatial import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/sagemakermetrics/api_client.go b/service/sagemakermetrics/api_client.go index 4f63f655fd8..15873ccf64a 100644 --- a/service/sagemakermetrics/api_client.go +++ b/service/sagemakermetrics/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/sagemakermetrics/auth.go b/service/sagemakermetrics/auth.go index 08fe442d499..8c21d3ecd13 100644 --- a/service/sagemakermetrics/auth.go +++ b/service/sagemakermetrics/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/sagemakermetrics/endpoints.go b/service/sagemakermetrics/endpoints.go index 4f9900b7d9f..69dde480346 100644 --- a/service/sagemakermetrics/endpoints.go +++ b/service/sagemakermetrics/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/sagemakermetrics/options.go b/service/sagemakermetrics/options.go index 226780bc213..409ab3fa21a 100644 --- a/service/sagemakermetrics/options.go +++ b/service/sagemakermetrics/options.go @@ -5,7 +5,6 @@ package sagemakermetrics import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/sagemakerruntime/api_client.go b/service/sagemakerruntime/api_client.go index 12b15d83a6d..63e26ae23e0 100644 --- a/service/sagemakerruntime/api_client.go +++ b/service/sagemakerruntime/api_client.go @@ -232,16 +232,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/sagemakerruntime/auth.go b/service/sagemakerruntime/auth.go index 26ff605426a..70b7740ff98 100644 --- a/service/sagemakerruntime/auth.go +++ b/service/sagemakerruntime/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/sagemakerruntime/endpoints.go b/service/sagemakerruntime/endpoints.go index e99945f83ea..c5cc9ef085d 100644 --- a/service/sagemakerruntime/endpoints.go +++ b/service/sagemakerruntime/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -478,7 +477,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -507,9 +506,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -520,7 +516,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/sagemakerruntime/options.go b/service/sagemakerruntime/options.go index 9a54eafb6a1..30fab8f1581 100644 --- a/service/sagemakerruntime/options.go +++ b/service/sagemakerruntime/options.go @@ -5,7 +5,6 @@ package sagemakerruntime import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/savingsplans/api_client.go b/service/savingsplans/api_client.go index f09419f2908..378706954f0 100644 --- a/service/savingsplans/api_client.go +++ b/service/savingsplans/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/savingsplans/auth.go b/service/savingsplans/auth.go index a185366d3c6..8cf18855e61 100644 --- a/service/savingsplans/auth.go +++ b/service/savingsplans/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/savingsplans/endpoints.go b/service/savingsplans/endpoints.go index 5ccfcd34bcf..8e8a6bbc0b8 100644 --- a/service/savingsplans/endpoints.go +++ b/service/savingsplans/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -475,7 +474,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -504,9 +503,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -517,7 +513,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/savingsplans/options.go b/service/savingsplans/options.go index 10ff61f5d47..0b0576a38f6 100644 --- a/service/savingsplans/options.go +++ b/service/savingsplans/options.go @@ -5,7 +5,6 @@ package savingsplans import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/scheduler/api_client.go b/service/scheduler/api_client.go index c178099c338..8749fcb0916 100644 --- a/service/scheduler/api_client.go +++ b/service/scheduler/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/scheduler/auth.go b/service/scheduler/auth.go index 55e394ec0be..6deb1919bb1 100644 --- a/service/scheduler/auth.go +++ b/service/scheduler/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/scheduler/endpoints.go b/service/scheduler/endpoints.go index 847a35e5a45..fad8fd156c7 100644 --- a/service/scheduler/endpoints.go +++ b/service/scheduler/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/scheduler/options.go b/service/scheduler/options.go index 695da6cd40a..5258e24cd94 100644 --- a/service/scheduler/options.go +++ b/service/scheduler/options.go @@ -5,7 +5,6 @@ package scheduler import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/schemas/api_client.go b/service/schemas/api_client.go index d8d61657986..8a0869fc601 100644 --- a/service/schemas/api_client.go +++ b/service/schemas/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/schemas/auth.go b/service/schemas/auth.go index 83688f789cd..482e04c18cd 100644 --- a/service/schemas/auth.go +++ b/service/schemas/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/schemas/endpoints.go b/service/schemas/endpoints.go index 3d1601db021..500813661f7 100644 --- a/service/schemas/endpoints.go +++ b/service/schemas/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/schemas/options.go b/service/schemas/options.go index 655aaf1c4f5..82be4a2bb17 100644 --- a/service/schemas/options.go +++ b/service/schemas/options.go @@ -5,7 +5,6 @@ package schemas import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/secretsmanager/api_client.go b/service/secretsmanager/api_client.go index 042b85f4fba..99c25849ba3 100644 --- a/service/secretsmanager/api_client.go +++ b/service/secretsmanager/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/secretsmanager/auth.go b/service/secretsmanager/auth.go index 6e39c4d003f..ff911710d8d 100644 --- a/service/secretsmanager/auth.go +++ b/service/secretsmanager/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/secretsmanager/endpoints.go b/service/secretsmanager/endpoints.go index 1b5704c067c..347bcf0d595 100644 --- a/service/secretsmanager/endpoints.go +++ b/service/secretsmanager/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -535,7 +534,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -564,9 +563,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -577,7 +573,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/secretsmanager/options.go b/service/secretsmanager/options.go index 4c1b9a0f819..a8817523e98 100644 --- a/service/secretsmanager/options.go +++ b/service/secretsmanager/options.go @@ -5,7 +5,6 @@ package secretsmanager import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/securityhub/api_client.go b/service/securityhub/api_client.go index 1df85cf57b0..4f6aefa66c9 100644 --- a/service/securityhub/api_client.go +++ b/service/securityhub/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/securityhub/auth.go b/service/securityhub/auth.go index 7d70e230e5f..e0c22d1f710 100644 --- a/service/securityhub/auth.go +++ b/service/securityhub/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/securityhub/endpoints.go b/service/securityhub/endpoints.go index f04486dd4cd..12519f0f80e 100644 --- a/service/securityhub/endpoints.go +++ b/service/securityhub/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/securityhub/options.go b/service/securityhub/options.go index 6b86e64006f..ac4e7ec6d08 100644 --- a/service/securityhub/options.go +++ b/service/securityhub/options.go @@ -5,7 +5,6 @@ package securityhub import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/securitylake/api_client.go b/service/securitylake/api_client.go index 4e3371a642e..cbf658d2388 100644 --- a/service/securitylake/api_client.go +++ b/service/securitylake/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/securitylake/auth.go b/service/securitylake/auth.go index 410df8b7831..9dd7760a79f 100644 --- a/service/securitylake/auth.go +++ b/service/securitylake/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/securitylake/endpoints.go b/service/securitylake/endpoints.go index a625f004a61..1e5a3c0310e 100644 --- a/service/securitylake/endpoints.go +++ b/service/securitylake/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/securitylake/options.go b/service/securitylake/options.go index 53a9a2d0ddb..0e1d88c8a88 100644 --- a/service/securitylake/options.go +++ b/service/securitylake/options.go @@ -5,7 +5,6 @@ package securitylake import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/serverlessapplicationrepository/api_client.go b/service/serverlessapplicationrepository/api_client.go index b5c783ccd7c..ade485b2d12 100644 --- a/service/serverlessapplicationrepository/api_client.go +++ b/service/serverlessapplicationrepository/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/serverlessapplicationrepository/auth.go b/service/serverlessapplicationrepository/auth.go index 5ab80392b7a..ebd835f7958 100644 --- a/service/serverlessapplicationrepository/auth.go +++ b/service/serverlessapplicationrepository/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/serverlessapplicationrepository/endpoints.go b/service/serverlessapplicationrepository/endpoints.go index d36ed61d0cf..9ab530aa066 100644 --- a/service/serverlessapplicationrepository/endpoints.go +++ b/service/serverlessapplicationrepository/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -459,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,9 +487,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -501,7 +497,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/serverlessapplicationrepository/options.go b/service/serverlessapplicationrepository/options.go index 97447c81449..be06d23b895 100644 --- a/service/serverlessapplicationrepository/options.go +++ b/service/serverlessapplicationrepository/options.go @@ -5,7 +5,6 @@ package serverlessapplicationrepository import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/servicecatalog/api_client.go b/service/servicecatalog/api_client.go index 1902f9f0b77..014a8d75ff7 100644 --- a/service/servicecatalog/api_client.go +++ b/service/servicecatalog/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/servicecatalog/auth.go b/service/servicecatalog/auth.go index a0cb682c40b..b524f9eb0c5 100644 --- a/service/servicecatalog/auth.go +++ b/service/servicecatalog/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/servicecatalog/endpoints.go b/service/servicecatalog/endpoints.go index 1a2798934a5..84fe4a0c737 100644 --- a/service/servicecatalog/endpoints.go +++ b/service/servicecatalog/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/servicecatalog/options.go b/service/servicecatalog/options.go index ec5080f7731..a7ded309f4c 100644 --- a/service/servicecatalog/options.go +++ b/service/servicecatalog/options.go @@ -5,7 +5,6 @@ package servicecatalog import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/servicecatalogappregistry/api_client.go b/service/servicecatalogappregistry/api_client.go index 8383514c4ed..601a061cf53 100644 --- a/service/servicecatalogappregistry/api_client.go +++ b/service/servicecatalogappregistry/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/servicecatalogappregistry/auth.go b/service/servicecatalogappregistry/auth.go index 12e794e99f7..9be5e3dd121 100644 --- a/service/servicecatalogappregistry/auth.go +++ b/service/servicecatalogappregistry/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/servicecatalogappregistry/endpoints.go b/service/servicecatalogappregistry/endpoints.go index a035edaa6e9..f5146673933 100644 --- a/service/servicecatalogappregistry/endpoints.go +++ b/service/servicecatalogappregistry/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -459,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,9 +487,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -501,7 +497,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/servicecatalogappregistry/options.go b/service/servicecatalogappregistry/options.go index 3572e32ca0c..73733a6f550 100644 --- a/service/servicecatalogappregistry/options.go +++ b/service/servicecatalogappregistry/options.go @@ -5,7 +5,6 @@ package servicecatalogappregistry import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/servicediscovery/api_client.go b/service/servicediscovery/api_client.go index 862904c2e17..14b734ac9bd 100644 --- a/service/servicediscovery/api_client.go +++ b/service/servicediscovery/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/servicediscovery/auth.go b/service/servicediscovery/auth.go index 725667002b7..d5461ba4751 100644 --- a/service/servicediscovery/auth.go +++ b/service/servicediscovery/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/servicediscovery/endpoints.go b/service/servicediscovery/endpoints.go index d20fb44782a..a00cf7b7df4 100644 --- a/service/servicediscovery/endpoints.go +++ b/service/servicediscovery/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -497,7 +496,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -526,9 +525,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -539,7 +535,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/servicediscovery/options.go b/service/servicediscovery/options.go index 1f02680fa6b..340a4980aa2 100644 --- a/service/servicediscovery/options.go +++ b/service/servicediscovery/options.go @@ -5,7 +5,6 @@ package servicediscovery import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/servicequotas/api_client.go b/service/servicequotas/api_client.go index 70870fe4e8e..88ffac5cb6c 100644 --- a/service/servicequotas/api_client.go +++ b/service/servicequotas/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/servicequotas/auth.go b/service/servicequotas/auth.go index a8810b1ec92..ceed199dc8f 100644 --- a/service/servicequotas/auth.go +++ b/service/servicequotas/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/servicequotas/endpoints.go b/service/servicequotas/endpoints.go index d5d969f3645..8c9177c6305 100644 --- a/service/servicequotas/endpoints.go +++ b/service/servicequotas/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -459,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,9 +487,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -501,7 +497,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/servicequotas/options.go b/service/servicequotas/options.go index c0ced9993d0..fb84fcd2073 100644 --- a/service/servicequotas/options.go +++ b/service/servicequotas/options.go @@ -5,7 +5,6 @@ package servicequotas import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ses/api_client.go b/service/ses/api_client.go index 85f5153eab8..d8f0eef5b57 100644 --- a/service/ses/api_client.go +++ b/service/ses/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/ses/auth.go b/service/ses/auth.go index fe07bb1a7aa..d8b13cc7ba2 100644 --- a/service/ses/auth.go +++ b/service/ses/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ses/endpoints.go b/service/ses/endpoints.go index 378a6aca667..9996efb86e7 100644 --- a/service/ses/endpoints.go +++ b/service/ses/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ses/options.go b/service/ses/options.go index c44ee3b4b27..4228f8c9284 100644 --- a/service/ses/options.go +++ b/service/ses/options.go @@ -5,7 +5,6 @@ package ses import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/sesv2/api_client.go b/service/sesv2/api_client.go index 6472a5cf920..07eee0aa560 100644 --- a/service/sesv2/api_client.go +++ b/service/sesv2/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/sesv2/auth.go b/service/sesv2/auth.go index a6c802789bc..394c55f4eb3 100644 --- a/service/sesv2/auth.go +++ b/service/sesv2/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/sesv2/endpoints.go b/service/sesv2/endpoints.go index bc8157fa61c..d5ef5240c72 100644 --- a/service/sesv2/endpoints.go +++ b/service/sesv2/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/sesv2/options.go b/service/sesv2/options.go index cebe05b2d4f..8c495a0a7bc 100644 --- a/service/sesv2/options.go +++ b/service/sesv2/options.go @@ -5,7 +5,6 @@ package sesv2 import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/sfn/api_client.go b/service/sfn/api_client.go index c2529cd96ce..2d0e82da400 100644 --- a/service/sfn/api_client.go +++ b/service/sfn/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/sfn/auth.go b/service/sfn/auth.go index 65c92ae2d28..1322e8d24ba 100644 --- a/service/sfn/auth.go +++ b/service/sfn/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/sfn/endpoints.go b/service/sfn/endpoints.go index d126551883c..3fa62e78d19 100644 --- a/service/sfn/endpoints.go +++ b/service/sfn/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -453,7 +452,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -482,9 +481,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -495,7 +491,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/sfn/options.go b/service/sfn/options.go index 2c0151a4f41..dd620811879 100644 --- a/service/sfn/options.go +++ b/service/sfn/options.go @@ -5,7 +5,6 @@ package sfn import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/shield/api_client.go b/service/shield/api_client.go index 93d9de51a20..521f9b352fa 100644 --- a/service/shield/api_client.go +++ b/service/shield/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/shield/auth.go b/service/shield/auth.go index 589f97d43e3..153d4e905cf 100644 --- a/service/shield/auth.go +++ b/service/shield/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/shield/endpoints.go b/service/shield/endpoints.go index 9f808b15c6d..8a6f9e38aa2 100644 --- a/service/shield/endpoints.go +++ b/service/shield/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -509,7 +508,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -538,9 +537,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -551,7 +547,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/shield/options.go b/service/shield/options.go index be473a280ba..7bcfe299f36 100644 --- a/service/shield/options.go +++ b/service/shield/options.go @@ -5,7 +5,6 @@ package shield import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/signer/api_client.go b/service/signer/api_client.go index d01193200cf..d4eaba85662 100644 --- a/service/signer/api_client.go +++ b/service/signer/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/signer/auth.go b/service/signer/auth.go index 9405b6e607b..873472ff6c1 100644 --- a/service/signer/auth.go +++ b/service/signer/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/signer/endpoints.go b/service/signer/endpoints.go index 66ccffd7160..e4dbaa11f14 100644 --- a/service/signer/endpoints.go +++ b/service/signer/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/signer/options.go b/service/signer/options.go index d1969254939..5b89a761c1f 100644 --- a/service/signer/options.go +++ b/service/signer/options.go @@ -5,7 +5,6 @@ package signer import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/simspaceweaver/api_client.go b/service/simspaceweaver/api_client.go index 4f5f2b7cf50..bd91384e232 100644 --- a/service/simspaceweaver/api_client.go +++ b/service/simspaceweaver/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/simspaceweaver/auth.go b/service/simspaceweaver/auth.go index b46bfad9f84..13155737ce6 100644 --- a/service/simspaceweaver/auth.go +++ b/service/simspaceweaver/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/simspaceweaver/endpoints.go b/service/simspaceweaver/endpoints.go index cb1cd33d43f..685fa035ecb 100644 --- a/service/simspaceweaver/endpoints.go +++ b/service/simspaceweaver/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/simspaceweaver/options.go b/service/simspaceweaver/options.go index 6d04c4d2f8f..658f08ee598 100644 --- a/service/simspaceweaver/options.go +++ b/service/simspaceweaver/options.go @@ -5,7 +5,6 @@ package simspaceweaver import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/sms/api_client.go b/service/sms/api_client.go index 4aa35247c09..6dc843ea16b 100644 --- a/service/sms/api_client.go +++ b/service/sms/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/sms/auth.go b/service/sms/auth.go index e6853e797d7..3409c153804 100644 --- a/service/sms/auth.go +++ b/service/sms/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/sms/endpoints.go b/service/sms/endpoints.go index e09e8d362c5..dc2547cdf33 100644 --- a/service/sms/endpoints.go +++ b/service/sms/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/sms/options.go b/service/sms/options.go index d6b75a64b76..e664fe1ab67 100644 --- a/service/sms/options.go +++ b/service/sms/options.go @@ -5,7 +5,6 @@ package sms import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/snowball/api_client.go b/service/snowball/api_client.go index 1410ebc1b50..cc3db20eeae 100644 --- a/service/snowball/api_client.go +++ b/service/snowball/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/snowball/auth.go b/service/snowball/auth.go index dc9d8df3ebf..51a68ca8409 100644 --- a/service/snowball/auth.go +++ b/service/snowball/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/snowball/endpoints.go b/service/snowball/endpoints.go index 8178baec0c9..a16be2260d3 100644 --- a/service/snowball/endpoints.go +++ b/service/snowball/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/snowball/options.go b/service/snowball/options.go index b98f6709f7b..6a2215c6ee6 100644 --- a/service/snowball/options.go +++ b/service/snowball/options.go @@ -5,7 +5,6 @@ package snowball import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/snowdevicemanagement/api_client.go b/service/snowdevicemanagement/api_client.go index 9e5eed5d303..82c9c24d13f 100644 --- a/service/snowdevicemanagement/api_client.go +++ b/service/snowdevicemanagement/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/snowdevicemanagement/auth.go b/service/snowdevicemanagement/auth.go index fa208b85bab..49885783d79 100644 --- a/service/snowdevicemanagement/auth.go +++ b/service/snowdevicemanagement/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/snowdevicemanagement/endpoints.go b/service/snowdevicemanagement/endpoints.go index e47a9d01f7a..7794ab1d240 100644 --- a/service/snowdevicemanagement/endpoints.go +++ b/service/snowdevicemanagement/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/snowdevicemanagement/options.go b/service/snowdevicemanagement/options.go index 9cdd2e98902..a23aaa58de7 100644 --- a/service/snowdevicemanagement/options.go +++ b/service/snowdevicemanagement/options.go @@ -5,7 +5,6 @@ package snowdevicemanagement import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/sns/api_client.go b/service/sns/api_client.go index dca5b1975c6..f9f49a4a169 100644 --- a/service/sns/api_client.go +++ b/service/sns/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/sns/auth.go b/service/sns/auth.go index 21216a84156..136bcc44ccc 100644 --- a/service/sns/auth.go +++ b/service/sns/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/sns/endpoints.go b/service/sns/endpoints.go index b4b1ee018d0..57a5d562876 100644 --- a/service/sns/endpoints.go +++ b/service/sns/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -466,7 +465,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -495,9 +494,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -508,7 +504,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/sns/options.go b/service/sns/options.go index f935b6a2000..164bc9fd80b 100644 --- a/service/sns/options.go +++ b/service/sns/options.go @@ -5,7 +5,6 @@ package sns import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/sqs/api_client.go b/service/sqs/api_client.go index ae0c312c650..078e5a039b1 100644 --- a/service/sqs/api_client.go +++ b/service/sqs/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/sqs/auth.go b/service/sqs/auth.go index 20689338a6b..22607b3fb91 100644 --- a/service/sqs/auth.go +++ b/service/sqs/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/sqs/endpoints.go b/service/sqs/endpoints.go index 4bb4acf0a5f..4f9a68efbbe 100644 --- a/service/sqs/endpoints.go +++ b/service/sqs/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -459,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,9 +487,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -501,7 +497,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/sqs/options.go b/service/sqs/options.go index 0b3c0e327a7..ce3b7c08a4f 100644 --- a/service/sqs/options.go +++ b/service/sqs/options.go @@ -5,7 +5,6 @@ package sqs import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ssm/api_client.go b/service/ssm/api_client.go index ca54f27adc9..973f468d6cc 100644 --- a/service/ssm/api_client.go +++ b/service/ssm/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/ssm/auth.go b/service/ssm/auth.go index c811c25229f..bad85d052dc 100644 --- a/service/ssm/auth.go +++ b/service/ssm/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ssm/endpoints.go b/service/ssm/endpoints.go index e015299eddf..4cd4e2f7005 100644 --- a/service/ssm/endpoints.go +++ b/service/ssm/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -459,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,9 +487,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -501,7 +497,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ssm/options.go b/service/ssm/options.go index afa9b6b9a98..197dfd32601 100644 --- a/service/ssm/options.go +++ b/service/ssm/options.go @@ -5,7 +5,6 @@ package ssm import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ssmcontacts/api_client.go b/service/ssmcontacts/api_client.go index eefb97f5ae6..2d5df6a118c 100644 --- a/service/ssmcontacts/api_client.go +++ b/service/ssmcontacts/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/ssmcontacts/auth.go b/service/ssmcontacts/auth.go index c53c93b4d4e..09b1868c310 100644 --- a/service/ssmcontacts/auth.go +++ b/service/ssmcontacts/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ssmcontacts/endpoints.go b/service/ssmcontacts/endpoints.go index 4d693fdbb06..b10d9225b07 100644 --- a/service/ssmcontacts/endpoints.go +++ b/service/ssmcontacts/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ssmcontacts/options.go b/service/ssmcontacts/options.go index fd0a250b7f7..33962843fa0 100644 --- a/service/ssmcontacts/options.go +++ b/service/ssmcontacts/options.go @@ -5,7 +5,6 @@ package ssmcontacts import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ssmincidents/api_client.go b/service/ssmincidents/api_client.go index e04be26b2e5..051d9b9ec25 100644 --- a/service/ssmincidents/api_client.go +++ b/service/ssmincidents/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/ssmincidents/auth.go b/service/ssmincidents/auth.go index f6a2c922170..6ea64afa132 100644 --- a/service/ssmincidents/auth.go +++ b/service/ssmincidents/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ssmincidents/endpoints.go b/service/ssmincidents/endpoints.go index 81187cebe3c..b53257d9c7d 100644 --- a/service/ssmincidents/endpoints.go +++ b/service/ssmincidents/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ssmincidents/options.go b/service/ssmincidents/options.go index 2a4f40e54b6..4e460d6bae7 100644 --- a/service/ssmincidents/options.go +++ b/service/ssmincidents/options.go @@ -5,7 +5,6 @@ package ssmincidents import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ssmsap/api_client.go b/service/ssmsap/api_client.go index 03f2c226721..9fa396085f0 100644 --- a/service/ssmsap/api_client.go +++ b/service/ssmsap/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/ssmsap/auth.go b/service/ssmsap/auth.go index a2ad83a190c..97794fe045c 100644 --- a/service/ssmsap/auth.go +++ b/service/ssmsap/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ssmsap/endpoints.go b/service/ssmsap/endpoints.go index 961050017b2..88aa38c01f2 100644 --- a/service/ssmsap/endpoints.go +++ b/service/ssmsap/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ssmsap/options.go b/service/ssmsap/options.go index 2efd232711a..5d87320d021 100644 --- a/service/ssmsap/options.go +++ b/service/ssmsap/options.go @@ -5,7 +5,6 @@ package ssmsap import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/sso/api_client.go b/service/sso/api_client.go index c5095f458fa..e439699253b 100644 --- a/service/sso/api_client.go +++ b/service/sso/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/sso/auth.go b/service/sso/auth.go index d574fed9b10..3b28e825dd0 100644 --- a/service/sso/auth.go +++ b/service/sso/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -169,7 +169,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/sso/endpoints.go b/service/sso/endpoints.go index e0a3d716ec3..d31380cf283 100644 --- a/service/sso/endpoints.go +++ b/service/sso/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -459,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,9 +487,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -501,7 +497,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/sso/options.go b/service/sso/options.go index 9cdd5b797f5..5dee7e53f47 100644 --- a/service/sso/options.go +++ b/service/sso/options.go @@ -5,7 +5,6 @@ package sso import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ssoadmin/api_client.go b/service/ssoadmin/api_client.go index 139c27ab167..55a0d66be7d 100644 --- a/service/ssoadmin/api_client.go +++ b/service/ssoadmin/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/ssoadmin/auth.go b/service/ssoadmin/auth.go index 5a618ac3293..1e646df3446 100644 --- a/service/ssoadmin/auth.go +++ b/service/ssoadmin/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ssoadmin/endpoints.go b/service/ssoadmin/endpoints.go index 07ea4c937a7..97ab01ada72 100644 --- a/service/ssoadmin/endpoints.go +++ b/service/ssoadmin/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -459,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,9 +487,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -501,7 +497,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ssoadmin/options.go b/service/ssoadmin/options.go index 8a44007985e..19a73da494a 100644 --- a/service/ssoadmin/options.go +++ b/service/ssoadmin/options.go @@ -5,7 +5,6 @@ package ssoadmin import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ssooidc/api_client.go b/service/ssooidc/api_client.go index 6c02a4e091f..fed0897390b 100644 --- a/service/ssooidc/api_client.go +++ b/service/ssooidc/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/ssooidc/auth.go b/service/ssooidc/auth.go index ecb841f2686..40b3becb9f2 100644 --- a/service/ssooidc/auth.go +++ b/service/ssooidc/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -163,7 +163,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ssooidc/endpoints.go b/service/ssooidc/endpoints.go index 2eec8c2ce31..85b87089026 100644 --- a/service/ssooidc/endpoints.go +++ b/service/ssooidc/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -459,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,9 +487,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -501,7 +497,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ssooidc/options.go b/service/ssooidc/options.go index 841e61d60d7..b964e7e1090 100644 --- a/service/ssooidc/options.go +++ b/service/ssooidc/options.go @@ -5,7 +5,6 @@ package ssooidc import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/storagegateway/api_client.go b/service/storagegateway/api_client.go index a29c8dd25ae..63cd7792ecb 100644 --- a/service/storagegateway/api_client.go +++ b/service/storagegateway/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/storagegateway/auth.go b/service/storagegateway/auth.go index 5776f0da0e7..d269b16dcfe 100644 --- a/service/storagegateway/auth.go +++ b/service/storagegateway/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/storagegateway/endpoints.go b/service/storagegateway/endpoints.go index 74245959d4f..037dfd38855 100644 --- a/service/storagegateway/endpoints.go +++ b/service/storagegateway/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/storagegateway/options.go b/service/storagegateway/options.go index e4a1083a6ee..56242643334 100644 --- a/service/storagegateway/options.go +++ b/service/storagegateway/options.go @@ -5,7 +5,6 @@ package storagegateway import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/sts/api_client.go b/service/sts/api_client.go index 4b7cb065a54..369de83b8bc 100644 --- a/service/sts/api_client.go +++ b/service/sts/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/sts/auth.go b/service/sts/auth.go index e20b3be850c..9db5bfd4348 100644 --- a/service/sts/auth.go +++ b/service/sts/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -157,7 +157,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/sts/endpoints.go b/service/sts/endpoints.go index ff586fda634..9f7932f9a06 100644 --- a/service/sts/endpoints.go +++ b/service/sts/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -1039,7 +1038,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -1068,9 +1067,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -1081,7 +1077,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/sts/options.go b/service/sts/options.go index 03e67beeb6f..5c1be79f8c0 100644 --- a/service/sts/options.go +++ b/service/sts/options.go @@ -5,7 +5,6 @@ package sts import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/support/api_client.go b/service/support/api_client.go index 5c6e7a80b62..26c69a172e5 100644 --- a/service/support/api_client.go +++ b/service/support/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/support/auth.go b/service/support/auth.go index 7b975565753..f0e15a2b911 100644 --- a/service/support/auth.go +++ b/service/support/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/support/endpoints.go b/service/support/endpoints.go index 9c818675a8b..78320a6dea0 100644 --- a/service/support/endpoints.go +++ b/service/support/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -611,7 +610,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -640,9 +639,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -653,7 +649,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/support/options.go b/service/support/options.go index 5dff19a353a..69b1659dd46 100644 --- a/service/support/options.go +++ b/service/support/options.go @@ -5,7 +5,6 @@ package support import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/supportapp/api_client.go b/service/supportapp/api_client.go index fd954721db4..6c07bd2471d 100644 --- a/service/supportapp/api_client.go +++ b/service/supportapp/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/supportapp/auth.go b/service/supportapp/auth.go index 4baed168af6..92a79c6d6c2 100644 --- a/service/supportapp/auth.go +++ b/service/supportapp/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/supportapp/endpoints.go b/service/supportapp/endpoints.go index 9b2697330c3..463f926d78c 100644 --- a/service/supportapp/endpoints.go +++ b/service/supportapp/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/supportapp/options.go b/service/supportapp/options.go index 62cb36c77c4..673b81f421e 100644 --- a/service/supportapp/options.go +++ b/service/supportapp/options.go @@ -5,7 +5,6 @@ package supportapp import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/swf/api_client.go b/service/swf/api_client.go index 1483f9e96a2..5c96e1b3b7b 100644 --- a/service/swf/api_client.go +++ b/service/swf/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/swf/auth.go b/service/swf/auth.go index 32987e77cc2..a65f2703925 100644 --- a/service/swf/auth.go +++ b/service/swf/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/swf/endpoints.go b/service/swf/endpoints.go index 1708c94a0fb..3ce4e00f7d0 100644 --- a/service/swf/endpoints.go +++ b/service/swf/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -459,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,9 +487,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -501,7 +497,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/swf/options.go b/service/swf/options.go index 3cb6d307752..bdd7ae4f100 100644 --- a/service/swf/options.go +++ b/service/swf/options.go @@ -5,7 +5,6 @@ package swf import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/synthetics/api_client.go b/service/synthetics/api_client.go index 8e5936d6bce..d4e227181a1 100644 --- a/service/synthetics/api_client.go +++ b/service/synthetics/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/synthetics/auth.go b/service/synthetics/auth.go index 9fb86541dee..e4c639e0d5b 100644 --- a/service/synthetics/auth.go +++ b/service/synthetics/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/synthetics/endpoints.go b/service/synthetics/endpoints.go index c6c5191c6c5..a06c0238657 100644 --- a/service/synthetics/endpoints.go +++ b/service/synthetics/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/synthetics/options.go b/service/synthetics/options.go index 4fda82a51e3..58706c4623f 100644 --- a/service/synthetics/options.go +++ b/service/synthetics/options.go @@ -5,7 +5,6 @@ package synthetics import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/textract/api_client.go b/service/textract/api_client.go index e30a006a4ed..396aa5e859a 100644 --- a/service/textract/api_client.go +++ b/service/textract/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/textract/auth.go b/service/textract/auth.go index b4596a38b0a..84f5509736d 100644 --- a/service/textract/auth.go +++ b/service/textract/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/textract/endpoints.go b/service/textract/endpoints.go index 719f07231d5..a269fce1fe4 100644 --- a/service/textract/endpoints.go +++ b/service/textract/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/textract/options.go b/service/textract/options.go index 74deb331087..3196d15dc46 100644 --- a/service/textract/options.go +++ b/service/textract/options.go @@ -5,7 +5,6 @@ package textract import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/timestreamquery/api_client.go b/service/timestreamquery/api_client.go index e271e125355..38d59291619 100644 --- a/service/timestreamquery/api_client.go +++ b/service/timestreamquery/api_client.go @@ -244,16 +244,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/timestreamquery/auth.go b/service/timestreamquery/auth.go index 294027f6299..2465a26d10d 100644 --- a/service/timestreamquery/auth.go +++ b/service/timestreamquery/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/timestreamquery/endpoints.go b/service/timestreamquery/endpoints.go index 66d2afbec82..a51df9d2afe 100644 --- a/service/timestreamquery/endpoints.go +++ b/service/timestreamquery/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/timestreamquery/options.go b/service/timestreamquery/options.go index 1503054bc80..63731806d26 100644 --- a/service/timestreamquery/options.go +++ b/service/timestreamquery/options.go @@ -5,7 +5,6 @@ package timestreamquery import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/timestreamwrite/api_client.go b/service/timestreamwrite/api_client.go index 0fd878f9bc8..9faa3c21310 100644 --- a/service/timestreamwrite/api_client.go +++ b/service/timestreamwrite/api_client.go @@ -244,16 +244,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/timestreamwrite/auth.go b/service/timestreamwrite/auth.go index 08c2a877035..60a82021688 100644 --- a/service/timestreamwrite/auth.go +++ b/service/timestreamwrite/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/timestreamwrite/endpoints.go b/service/timestreamwrite/endpoints.go index d6c79e921fd..59271f0e4b5 100644 --- a/service/timestreamwrite/endpoints.go +++ b/service/timestreamwrite/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -459,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,9 +487,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -501,7 +497,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/timestreamwrite/options.go b/service/timestreamwrite/options.go index d393f59f8cb..d5fe7e8d723 100644 --- a/service/timestreamwrite/options.go +++ b/service/timestreamwrite/options.go @@ -5,7 +5,6 @@ package timestreamwrite import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/tnb/api_client.go b/service/tnb/api_client.go index 1d0713bbd8e..19c5b75c2c4 100644 --- a/service/tnb/api_client.go +++ b/service/tnb/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/tnb/auth.go b/service/tnb/auth.go index 83533426e06..1da0161e821 100644 --- a/service/tnb/auth.go +++ b/service/tnb/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/tnb/endpoints.go b/service/tnb/endpoints.go index 0a8761cf620..bd23bb12baf 100644 --- a/service/tnb/endpoints.go +++ b/service/tnb/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/tnb/options.go b/service/tnb/options.go index af299bb0c6f..8c585deba7a 100644 --- a/service/tnb/options.go +++ b/service/tnb/options.go @@ -5,7 +5,6 @@ package tnb import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/transcribe/api_client.go b/service/transcribe/api_client.go index c980439724a..b4bba7691f9 100644 --- a/service/transcribe/api_client.go +++ b/service/transcribe/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/transcribe/auth.go b/service/transcribe/auth.go index 75474c0b586..1c7d78b943b 100644 --- a/service/transcribe/auth.go +++ b/service/transcribe/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/transcribe/endpoints.go b/service/transcribe/endpoints.go index 871c71fc5a1..8b57b310855 100644 --- a/service/transcribe/endpoints.go +++ b/service/transcribe/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -504,7 +503,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -533,9 +532,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -546,7 +542,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/transcribe/options.go b/service/transcribe/options.go index b4282d1d0f4..6960421abe6 100644 --- a/service/transcribe/options.go +++ b/service/transcribe/options.go @@ -5,7 +5,6 @@ package transcribe import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/transcribestreaming/api_client.go b/service/transcribestreaming/api_client.go index c79eef39857..f051ff0f631 100644 --- a/service/transcribestreaming/api_client.go +++ b/service/transcribestreaming/api_client.go @@ -232,16 +232,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/transcribestreaming/auth.go b/service/transcribestreaming/auth.go index 1db9c2c4fa4..2fe6c8b9f3d 100644 --- a/service/transcribestreaming/auth.go +++ b/service/transcribestreaming/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/transcribestreaming/endpoints.go b/service/transcribestreaming/endpoints.go index d1b0b8db17a..09dc0517777 100644 --- a/service/transcribestreaming/endpoints.go +++ b/service/transcribestreaming/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/transcribestreaming/options.go b/service/transcribestreaming/options.go index 8131ecd5afa..29197d36f90 100644 --- a/service/transcribestreaming/options.go +++ b/service/transcribestreaming/options.go @@ -5,7 +5,6 @@ package transcribestreaming import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/transfer/api_client.go b/service/transfer/api_client.go index a0c776fa08d..1c62f466764 100644 --- a/service/transfer/api_client.go +++ b/service/transfer/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/transfer/auth.go b/service/transfer/auth.go index 26d73de17f8..95de6b8fd2c 100644 --- a/service/transfer/auth.go +++ b/service/transfer/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/transfer/endpoints.go b/service/transfer/endpoints.go index ade877b3a0b..59ae020d821 100644 --- a/service/transfer/endpoints.go +++ b/service/transfer/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/transfer/options.go b/service/transfer/options.go index b3cc5d2ca34..d78c3b1b72c 100644 --- a/service/transfer/options.go +++ b/service/transfer/options.go @@ -5,7 +5,6 @@ package transfer import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/translate/api_client.go b/service/translate/api_client.go index bece2c12790..146d04c4aaf 100644 --- a/service/translate/api_client.go +++ b/service/translate/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/translate/auth.go b/service/translate/auth.go index d56c37d8345..f791a4e28e4 100644 --- a/service/translate/auth.go +++ b/service/translate/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/translate/endpoints.go b/service/translate/endpoints.go index 95eae110dcd..94affb07744 100644 --- a/service/translate/endpoints.go +++ b/service/translate/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/translate/options.go b/service/translate/options.go index b6e740daab1..2ce6b77d68d 100644 --- a/service/translate/options.go +++ b/service/translate/options.go @@ -5,7 +5,6 @@ package translate import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/trustedadvisor/api_client.go b/service/trustedadvisor/api_client.go index a3c3ee4f316..599b9cc5576 100644 --- a/service/trustedadvisor/api_client.go +++ b/service/trustedadvisor/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/trustedadvisor/auth.go b/service/trustedadvisor/auth.go index 67a9590deea..9cb3a4bb1c9 100644 --- a/service/trustedadvisor/auth.go +++ b/service/trustedadvisor/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/trustedadvisor/endpoints.go b/service/trustedadvisor/endpoints.go index 626e98680b7..0b0a40d85c8 100644 --- a/service/trustedadvisor/endpoints.go +++ b/service/trustedadvisor/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/trustedadvisor/options.go b/service/trustedadvisor/options.go index 448aa21b4d8..4114ac3e216 100644 --- a/service/trustedadvisor/options.go +++ b/service/trustedadvisor/options.go @@ -5,7 +5,6 @@ package trustedadvisor import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/verifiedpermissions/api_client.go b/service/verifiedpermissions/api_client.go index 1873f98302d..ff4a9917886 100644 --- a/service/verifiedpermissions/api_client.go +++ b/service/verifiedpermissions/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/verifiedpermissions/auth.go b/service/verifiedpermissions/auth.go index 3f93b4a6033..540779edade 100644 --- a/service/verifiedpermissions/auth.go +++ b/service/verifiedpermissions/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/verifiedpermissions/endpoints.go b/service/verifiedpermissions/endpoints.go index 4641f8af287..4e7b394938f 100644 --- a/service/verifiedpermissions/endpoints.go +++ b/service/verifiedpermissions/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/verifiedpermissions/options.go b/service/verifiedpermissions/options.go index 919014b294e..d31ad4c9c98 100644 --- a/service/verifiedpermissions/options.go +++ b/service/verifiedpermissions/options.go @@ -5,7 +5,6 @@ package verifiedpermissions import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/voiceid/api_client.go b/service/voiceid/api_client.go index f543e8afd8c..5c0c7c63fa6 100644 --- a/service/voiceid/api_client.go +++ b/service/voiceid/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/voiceid/auth.go b/service/voiceid/auth.go index 7fde10e24f8..c5f2ae669c6 100644 --- a/service/voiceid/auth.go +++ b/service/voiceid/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/voiceid/endpoints.go b/service/voiceid/endpoints.go index 3dbaf25c40a..4132bd0020f 100644 --- a/service/voiceid/endpoints.go +++ b/service/voiceid/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/voiceid/options.go b/service/voiceid/options.go index 81b5c73454f..cb30aaf68fc 100644 --- a/service/voiceid/options.go +++ b/service/voiceid/options.go @@ -5,7 +5,6 @@ package voiceid import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/vpclattice/api_client.go b/service/vpclattice/api_client.go index f2d2d101d04..c860cb1cc15 100644 --- a/service/vpclattice/api_client.go +++ b/service/vpclattice/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/vpclattice/auth.go b/service/vpclattice/auth.go index bb66c509f11..4fa45714d18 100644 --- a/service/vpclattice/auth.go +++ b/service/vpclattice/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/vpclattice/endpoints.go b/service/vpclattice/endpoints.go index bcad1242857..acafbf6ac62 100644 --- a/service/vpclattice/endpoints.go +++ b/service/vpclattice/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/vpclattice/options.go b/service/vpclattice/options.go index 0c732dce281..791d3a84876 100644 --- a/service/vpclattice/options.go +++ b/service/vpclattice/options.go @@ -5,7 +5,6 @@ package vpclattice import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/waf/api_client.go b/service/waf/api_client.go index eb2a5e2290b..0107b47b9d7 100644 --- a/service/waf/api_client.go +++ b/service/waf/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/waf/auth.go b/service/waf/auth.go index 4aa413d0a38..8d84b8a0f06 100644 --- a/service/waf/auth.go +++ b/service/waf/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/waf/endpoints.go b/service/waf/endpoints.go index 008ebf7990d..d9444a94e41 100644 --- a/service/waf/endpoints.go +++ b/service/waf/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -509,7 +508,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -538,9 +537,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -551,7 +547,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/waf/options.go b/service/waf/options.go index 228ff998d33..759f9257429 100644 --- a/service/waf/options.go +++ b/service/waf/options.go @@ -5,7 +5,6 @@ package waf import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/wafregional/api_client.go b/service/wafregional/api_client.go index 2b83b31d423..2da6ab3bc40 100644 --- a/service/wafregional/api_client.go +++ b/service/wafregional/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/wafregional/auth.go b/service/wafregional/auth.go index 26d35ca33a2..cb5fa2387ca 100644 --- a/service/wafregional/auth.go +++ b/service/wafregional/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/wafregional/endpoints.go b/service/wafregional/endpoints.go index 11ef4efe5ed..23a76094677 100644 --- a/service/wafregional/endpoints.go +++ b/service/wafregional/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/wafregional/options.go b/service/wafregional/options.go index f9c719ef40f..8139ebd1ed6 100644 --- a/service/wafregional/options.go +++ b/service/wafregional/options.go @@ -5,7 +5,6 @@ package wafregional import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/wafv2/api_client.go b/service/wafv2/api_client.go index 10f9199f4b0..abd5886dd2a 100644 --- a/service/wafv2/api_client.go +++ b/service/wafv2/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/wafv2/auth.go b/service/wafv2/auth.go index e99f5290592..79526df359d 100644 --- a/service/wafv2/auth.go +++ b/service/wafv2/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/wafv2/endpoints.go b/service/wafv2/endpoints.go index 9247a4f5df9..4bbf22037c4 100644 --- a/service/wafv2/endpoints.go +++ b/service/wafv2/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/wafv2/options.go b/service/wafv2/options.go index 51891994117..90a71b90531 100644 --- a/service/wafv2/options.go +++ b/service/wafv2/options.go @@ -5,7 +5,6 @@ package wafv2 import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/wellarchitected/api_client.go b/service/wellarchitected/api_client.go index 2a387825f28..02c2a23882d 100644 --- a/service/wellarchitected/api_client.go +++ b/service/wellarchitected/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/wellarchitected/auth.go b/service/wellarchitected/auth.go index 329da8d6f89..23a4124917a 100644 --- a/service/wellarchitected/auth.go +++ b/service/wellarchitected/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/wellarchitected/endpoints.go b/service/wellarchitected/endpoints.go index 56096903626..5a355385166 100644 --- a/service/wellarchitected/endpoints.go +++ b/service/wellarchitected/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/wellarchitected/options.go b/service/wellarchitected/options.go index c6a5a901e61..5b2102017ec 100644 --- a/service/wellarchitected/options.go +++ b/service/wellarchitected/options.go @@ -5,7 +5,6 @@ package wellarchitected import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/wisdom/api_client.go b/service/wisdom/api_client.go index ed01e982858..2cc5c36571e 100644 --- a/service/wisdom/api_client.go +++ b/service/wisdom/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/wisdom/auth.go b/service/wisdom/auth.go index 21da2a24067..cc7e3e81155 100644 --- a/service/wisdom/auth.go +++ b/service/wisdom/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/wisdom/endpoints.go b/service/wisdom/endpoints.go index f9869407e1a..528ee8fc173 100644 --- a/service/wisdom/endpoints.go +++ b/service/wisdom/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/wisdom/options.go b/service/wisdom/options.go index ae16ff10997..5dcadba3b04 100644 --- a/service/wisdom/options.go +++ b/service/wisdom/options.go @@ -5,7 +5,6 @@ package wisdom import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/workdocs/api_client.go b/service/workdocs/api_client.go index 126b5bc77bd..836b32180b7 100644 --- a/service/workdocs/api_client.go +++ b/service/workdocs/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/workdocs/auth.go b/service/workdocs/auth.go index 3a558e44720..36e28d60a8f 100644 --- a/service/workdocs/auth.go +++ b/service/workdocs/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/workdocs/endpoints.go b/service/workdocs/endpoints.go index c8585c869e8..da26b7a8294 100644 --- a/service/workdocs/endpoints.go +++ b/service/workdocs/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/workdocs/options.go b/service/workdocs/options.go index fe7ebfa60fe..df4739d4291 100644 --- a/service/workdocs/options.go +++ b/service/workdocs/options.go @@ -5,7 +5,6 @@ package workdocs import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/worklink/api_client.go b/service/worklink/api_client.go index ea71c255541..4a8645683cd 100644 --- a/service/worklink/api_client.go +++ b/service/worklink/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/worklink/auth.go b/service/worklink/auth.go index f7dedb1e01b..1dca21562bd 100644 --- a/service/worklink/auth.go +++ b/service/worklink/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/worklink/endpoints.go b/service/worklink/endpoints.go index a85c044f1b8..4cbe69f70ca 100644 --- a/service/worklink/endpoints.go +++ b/service/worklink/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/worklink/options.go b/service/worklink/options.go index d3fda138989..56b4993937b 100644 --- a/service/worklink/options.go +++ b/service/worklink/options.go @@ -5,7 +5,6 @@ package worklink import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/workmail/api_client.go b/service/workmail/api_client.go index 37b79bc2f41..746f8625375 100644 --- a/service/workmail/api_client.go +++ b/service/workmail/api_client.go @@ -233,16 +233,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/workmail/auth.go b/service/workmail/auth.go index 7ea094874bb..4a967cad3ff 100644 --- a/service/workmail/auth.go +++ b/service/workmail/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/workmail/endpoints.go b/service/workmail/endpoints.go index 4f57c9f8ab9..4de2592b178 100644 --- a/service/workmail/endpoints.go +++ b/service/workmail/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/workmail/options.go b/service/workmail/options.go index c2884740323..cb93eca48f2 100644 --- a/service/workmail/options.go +++ b/service/workmail/options.go @@ -5,7 +5,6 @@ package workmail import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/workmailmessageflow/api_client.go b/service/workmailmessageflow/api_client.go index 024804b5ecb..2a399897e47 100644 --- a/service/workmailmessageflow/api_client.go +++ b/service/workmailmessageflow/api_client.go @@ -230,16 +230,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/workmailmessageflow/auth.go b/service/workmailmessageflow/auth.go index 6d246e3f8fc..aa173cd2cdf 100644 --- a/service/workmailmessageflow/auth.go +++ b/service/workmailmessageflow/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/workmailmessageflow/endpoints.go b/service/workmailmessageflow/endpoints.go index 957c1893283..cf3a237159b 100644 --- a/service/workmailmessageflow/endpoints.go +++ b/service/workmailmessageflow/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/workmailmessageflow/options.go b/service/workmailmessageflow/options.go index 934261a2e69..c8cbc66d0ba 100644 --- a/service/workmailmessageflow/options.go +++ b/service/workmailmessageflow/options.go @@ -5,7 +5,6 @@ package workmailmessageflow import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/workspaces/api_client.go b/service/workspaces/api_client.go index e8310a8cdf8..75bdb930596 100644 --- a/service/workspaces/api_client.go +++ b/service/workspaces/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/workspaces/auth.go b/service/workspaces/auth.go index 500a0c2f585..b42be4d1fd9 100644 --- a/service/workspaces/auth.go +++ b/service/workspaces/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/workspaces/endpoints.go b/service/workspaces/endpoints.go index 711ffccc3c2..69aed03d235 100644 --- a/service/workspaces/endpoints.go +++ b/service/workspaces/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/workspaces/options.go b/service/workspaces/options.go index 71ae2b2127b..ba469893f0b 100644 --- a/service/workspaces/options.go +++ b/service/workspaces/options.go @@ -5,7 +5,6 @@ package workspaces import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/workspacesthinclient/api_client.go b/service/workspacesthinclient/api_client.go index e09b7d367d2..431023ed515 100644 --- a/service/workspacesthinclient/api_client.go +++ b/service/workspacesthinclient/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/workspacesthinclient/auth.go b/service/workspacesthinclient/auth.go index b7067c0669c..58483371f89 100644 --- a/service/workspacesthinclient/auth.go +++ b/service/workspacesthinclient/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/workspacesthinclient/endpoints.go b/service/workspacesthinclient/endpoints.go index adef56710f1..a96c5898160 100644 --- a/service/workspacesthinclient/endpoints.go +++ b/service/workspacesthinclient/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/workspacesthinclient/options.go b/service/workspacesthinclient/options.go index f2692d3d0fe..48b7ff835ab 100644 --- a/service/workspacesthinclient/options.go +++ b/service/workspacesthinclient/options.go @@ -5,7 +5,6 @@ package workspacesthinclient import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/workspacesweb/api_client.go b/service/workspacesweb/api_client.go index 3afeabc9f8b..52c076674e2 100644 --- a/service/workspacesweb/api_client.go +++ b/service/workspacesweb/api_client.go @@ -234,16 +234,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/workspacesweb/auth.go b/service/workspacesweb/auth.go index 818e1846d96..df1f2dc8284 100644 --- a/service/workspacesweb/auth.go +++ b/service/workspacesweb/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/workspacesweb/endpoints.go b/service/workspacesweb/endpoints.go index da0d1e8f896..15a220d4afd 100644 --- a/service/workspacesweb/endpoints.go +++ b/service/workspacesweb/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/workspacesweb/options.go b/service/workspacesweb/options.go index 32f860eee6f..453592286e9 100644 --- a/service/workspacesweb/options.go +++ b/service/workspacesweb/options.go @@ -5,7 +5,6 @@ package workspacesweb import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/xray/api_client.go b/service/xray/api_client.go index 23e041089ca..971c8b7e100 100644 --- a/service/xray/api_client.go +++ b/service/xray/api_client.go @@ -229,16 +229,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/xray/auth.go b/service/xray/auth.go index e316967f9c5..2535c31d707 100644 --- a/service/xray/auth.go +++ b/service/xray/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/xray/endpoints.go b/service/xray/endpoints.go index 9f040df47d4..aed3838d535 100644 --- a/service/xray/endpoints.go +++ b/service/xray/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -440,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,9 +468,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -482,7 +478,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/xray/options.go b/service/xray/options.go index e0a565b78e8..bcc3ba46c14 100644 --- a/service/xray/options.go +++ b/service/xray/options.go @@ -5,7 +5,6 @@ package xray import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string From bf49ee589a5f3e09555b1a5c3ccf1e87f1638ffd Mon Sep 17 00:00:00 2001 From: Tianyi Wang Date: Tue, 6 Feb 2024 14:54:45 -0500 Subject: [PATCH 09/20] Modify accountID endpoint builtin codegen and config --- aws/accountid/account_id.go | 41 ---------- aws/accountid/mode/mode.go | 29 ------- aws/accountid_endpoint_mode.go | 12 +++ aws/config.go | 3 +- .../aws/go/codegen/AddAwsConfigFields.java | 7 +- .../aws/go/codegen/AwsGoDependency.java | 3 - .../codegen/LegacyEndpointContextSetter.java | 8 +- .../smithy/aws/go/codegen/SdkGoTypes.java | 10 +-- .../AccountIDEndpointRouting.java | 77 +++++++++++++++++++ .../customization/AwsAuthResolution.java | 8 +- .../customization/AwsEndpointBuiltins.java | 2 +- ...mithy.go.codegen.integration.GoIntegration | 1 + config/env_config.go | 19 +++-- config/env_config_test.go | 3 +- config/load_options.go | 7 +- config/provider.go | 5 +- config/resolve.go | 3 +- config/resolve_test.go | 11 ++- config/shared_config.go | 18 +++-- config/shared_config_test.go | 5 +- 20 files changed, 142 insertions(+), 130 deletions(-) delete mode 100644 aws/accountid/account_id.go delete mode 100644 aws/accountid/mode/mode.go create mode 100644 aws/accountid_endpoint_mode.go create mode 100644 codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/AccountIDEndpointRouting.java diff --git a/aws/accountid/account_id.go b/aws/accountid/account_id.go deleted file mode 100644 index 6a695afbebb..00000000000 --- a/aws/accountid/account_id.go +++ /dev/null @@ -1,41 +0,0 @@ -package accountid - -import ( - "fmt" - "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" - "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" - "github.com/aws/smithy-go/auth" -) - -// AccountID retrieves the accountID from identity or ignores that depending on accountID endpoint mode -func AccountID(identity auth.Identity, mode accountidmode.AIDMode) *string { - if ca, ok := identity.(*smithy.CredentialsAdapter); ok && (mode == accountidmode.Preferred || mode == accountidmode.Required) { - return aws.String(ca.Credentials.AccountID) - } - - return nil -} - -// CheckAccountID checks accountID mode in case the required accountID misses or -// accountID endpoint mode is configured with invalid value -func CheckAccountID(identity auth.Identity, mode accountidmode.AIDMode) error { - switch mode { - case "": - case accountidmode.Preferred: - case accountidmode.Disabled: - case accountidmode.Required: - if ca, ok := identity.(*smithy.CredentialsAdapter); !ok { - return fmt.Errorf("the accountID is configured to be required, but the " + - "identity provider could not be converted to a valid credentials adapter " + - "and provide an accountID, should try to configure a valid credentials provider") - } else if ca.Credentials.AccountID == "" { - return fmt.Errorf("the required accountID could not be empty") - } - // default check in case invalid mode is configured through request config - default: - return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) - } - - return nil -} diff --git a/aws/accountid/mode/mode.go b/aws/accountid/mode/mode.go deleted file mode 100644 index 2d931954f1c..00000000000 --- a/aws/accountid/mode/mode.go +++ /dev/null @@ -1,29 +0,0 @@ -package mode - -import "fmt" - -// AIDMode switches on/off the account ID based endpoint routing -type AIDMode string - -// enums of valid AIDMode -const ( - Preferred AIDMode = "preferred" - Required AIDMode = "required" - Disabled AIDMode = "disabled" -) - -// SetFromString converts config string to corresponding AIDMode or reports error if the value is not enumerated -func (mode *AIDMode) SetFromString(s string) error { - switch { - case s == "preferred": - *mode = Preferred - case s == "required": - *mode = Required - case s == "disabled": - *mode = Disabled - default: - return fmt.Errorf("unknown account id mode, must be preferred/required/disabled") - } - - return nil -} diff --git a/aws/accountid_endpoint_mode.go b/aws/accountid_endpoint_mode.go new file mode 100644 index 00000000000..55419c4cfbc --- /dev/null +++ b/aws/accountid_endpoint_mode.go @@ -0,0 +1,12 @@ +package aws + +// AccountIDEndpointMode switches on/off the account ID based endpoint routing +type AccountIDEndpointMode string + +// enums of valid AccountIDEndpointMode +const ( + AccountIDEndpointModeUnset AccountIDEndpointMode = "" + AccountIDEndpointModePreferred AccountIDEndpointMode = "preferred" + AccountIDEndpointModeRequired AccountIDEndpointMode = "required" + AccountIDEndpointModeDisabled AccountIDEndpointMode = "disabled" +) diff --git a/aws/config.go b/aws/config.go index 44a734e45ec..49a49f2e57e 100644 --- a/aws/config.go +++ b/aws/config.go @@ -1,7 +1,6 @@ package aws import ( - "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" "net/http" smithybearer "github.com/aws/smithy-go/auth/bearer" @@ -166,7 +165,7 @@ type Config struct { // AccountIDEndpointMode indicates how aws account ID is applied in endpoint2.0 routing. // Will be set to preferred by default. Supported modes are: Preferred, Required and Disabled - AccountIDEndpointMode mode.AIDMode + AccountIDEndpointMode AccountIDEndpointMode } // NewConfig returns a new Config pointer that can be chained with builder diff --git a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/AddAwsConfigFields.java b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/AddAwsConfigFields.java index 688bb90b1f4..07c12397e6c 100644 --- a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/AddAwsConfigFields.java +++ b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/AddAwsConfigFields.java @@ -240,7 +240,7 @@ public class AddAwsConfigFields implements GoIntegration { .build(), AwsConfigField.builder() .name(SDK_AID_ENDPOINT_MODE) - .type(getAwsAccountIDModeSymbol("AIDMode")) + .type(SdkGoTypes.Aws.AccountIDEndpointMode) .documentation("Indicates how aws account ID is applied in endpoint2.0 routing") .build() ); @@ -265,11 +265,6 @@ private static Symbol getAwsRetrySymbol(String symbolName) { AwsGoDependency.AWS_RETRY).build(); } - private static Symbol getAwsAccountIDModeSymbol(String symbolName) { - return SymbolUtils.createValueSymbolBuilder(symbolName, - AwsGoDependency.AWS_ACCOUNT_ID_ENDPOINT_MODE).build(); - } - /** * Gets the sort order of the customization from -128 to 127, with lowest * executed first. diff --git a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/AwsGoDependency.java b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/AwsGoDependency.java index 1eb93e39591..d5c7b414a4e 100644 --- a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/AwsGoDependency.java +++ b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/AwsGoDependency.java @@ -64,9 +64,6 @@ public class AwsGoDependency { public static final GoDependency REGEXP = SmithyGoDependency.stdlib("regexp"); - public static final GoDependency AWS_ACCOUNT_ID = aws("aws/accountid", "accountid"); - public static final GoDependency AWS_ACCOUNT_ID_ENDPOINT_MODE = aws("aws/accountid/mode", "accountidmode"); - protected AwsGoDependency() { } diff --git a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/LegacyEndpointContextSetter.java b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/LegacyEndpointContextSetter.java index e175bb64abf..f3c571f7840 100644 --- a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/LegacyEndpointContextSetter.java +++ b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/LegacyEndpointContextSetter.java @@ -7,7 +7,6 @@ import software.amazon.smithy.go.codegen.GoDelegator; import software.amazon.smithy.go.codegen.GoSettings; import software.amazon.smithy.go.codegen.GoStackStepMiddlewareGenerator; -import software.amazon.smithy.go.codegen.GoStdlibTypes; import software.amazon.smithy.go.codegen.GoWriter; import software.amazon.smithy.go.codegen.MiddlewareIdentifier; import software.amazon.smithy.go.codegen.SmithyGoDependency; @@ -64,13 +63,8 @@ public void renderPreEndpointResolutionHook(GoSettings settings, GoWriter writer if $T(ctx) { return next.HandleFinalize(ctx, in) } - if err := $T(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, $T("invalid accountID set: %w", err) - } """, - SdkGoTypes.Aws.Middleware.GetRequiresLegacyEndpoints, - SdkGoTypes.Aws.AccountID.CheckAccountID, - GoStdlibTypes.Fmt.Errorf); + SdkGoTypes.Aws.Middleware.GetRequiresLegacyEndpoints); } @Override diff --git a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/SdkGoTypes.java b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/SdkGoTypes.java index 17d52c6f9fb..c91a3f4c2aa 100644 --- a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/SdkGoTypes.java +++ b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/SdkGoTypes.java @@ -33,6 +33,11 @@ public static final class Aws { public static final Symbol IsCredentialsProvider = AwsGoDependency.AWS_CORE.valueSymbol("IsCredentialsProvider"); public static final Symbol AnonymousCredentials = AwsGoDependency.AWS_CORE.pointableSymbol("AnonymousCredentials"); + public static final Symbol AccountIDEndpointMode = AwsGoDependency.AWS_CORE.valueSymbol("AccountIDEndpointMode"); + public static final Symbol AccountIDEndpointModeUnset = AwsGoDependency.AWS_CORE.valueSymbol("AccountIDEndpointModeUnset"); + public static final Symbol AccountIDEndpointModePreferred = AwsGoDependency.AWS_CORE.valueSymbol("AccountIDEndpointModePreferred"); + public static final Symbol AccountIDEndpointModeRequired = AwsGoDependency.AWS_CORE.valueSymbol("AccountIDEndpointModeRequired"); + public static final Symbol AccountIDEndpointModeDisabled = AwsGoDependency.AWS_CORE.valueSymbol("AccountIDEndpointModeDisabled"); public static final class Middleware { @@ -48,11 +53,6 @@ public static final class Retry { public static final Symbol Attempt = AwsGoDependency.AWS_RETRY.pointableSymbol("Attempt"); public static final Symbol MetricsHeader = AwsGoDependency.AWS_RETRY.pointableSymbol("MetricsHeader"); } - - public static final class AccountID { - public static final Symbol AccountID = AwsGoDependency.AWS_ACCOUNT_ID.pointableSymbol("AccountID"); - public static final Symbol CheckAccountID = AwsGoDependency.AWS_ACCOUNT_ID.pointableSymbol("CheckAccountID"); - } } public static final class Internal { diff --git a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/AccountIDEndpointRouting.java b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/AccountIDEndpointRouting.java new file mode 100644 index 00000000000..984e35ff6b2 --- /dev/null +++ b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/AccountIDEndpointRouting.java @@ -0,0 +1,77 @@ +package software.amazon.smithy.aws.go.codegen.customization; + +import software.amazon.smithy.aws.go.codegen.SdkGoTypes; +import software.amazon.smithy.codegen.core.SymbolProvider; +import software.amazon.smithy.go.codegen.*; +import software.amazon.smithy.go.codegen.integration.GoIntegration; +import software.amazon.smithy.model.Model; +import software.amazon.smithy.rulesengine.traits.EndpointRuleSetTrait; +import software.amazon.smithy.utils.MapUtils; + +import static software.amazon.smithy.go.codegen.GoWriter.goTemplate; + +public class AccountIDEndpointRouting implements GoIntegration { + @Override + public void renderPreEndpointResolutionHook(GoSettings settings, GoWriter writer, Model model) { + writer.write(""" + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, $T("invalid accountID set: %w", err) + } + """, + GoStdlibTypes.Fmt.Errorf); + } + + @Override + public void writeAdditionalFiles( + GoSettings settings, + Model model, + SymbolProvider symbolProvider, + GoDelegator goDelegator + ) { + if (!settings.getService(model).hasTrait(EndpointRuleSetTrait.class)) { + return; + } + goDelegator.useShapeWriter(settings.getService(model), goTemplate(""" + func accountID(identity $auth:T, mode $accountIDEndpointMode:T) *string { + if ca, ok := identity.(*$credentialsAdapter:T); ok && (mode == $aidModePreferred:T || mode == $aidModeRequired:T) { + return $string:T(ca.Credentials.AccountID) + } + + return nil + } + + func checkAccountID(identity $auth:T, mode $accountIDEndpointMode:T) error { + switch mode { + case $aidModeUnset:T: + case $aidModePreferred:T: + case $aidModeDisabled:T: + case $aidModeRequired:T: + if ca, ok := identity.(*$credentialsAdapter:T); !ok { + return $errorf:T("the accountID is configured to be required, but the " + + "identity provider could not be converted to a valid credentials adapter " + + "and provide an accountID, should try to configure a valid credentials provider") + } else if ca.Credentials.AccountID == "" { + return $errorf:T("the required accountID could not be empty") + } + // default check in case invalid mode is configured through request config + default: + return $errorf:T("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil + } + """, + MapUtils.of( + "auth", SmithyGoTypes.Auth.Identity, + "accountIDEndpointMode", SdkGoTypes.Aws.AccountIDEndpointMode, + "credentialsAdapter", SdkGoTypes.Internal.Auth.Smithy.CredentialsAdapter, + "aidModePreferred", SdkGoTypes.Aws.AccountIDEndpointModePreferred, + "aidModeRequired", SdkGoTypes.Aws.AccountIDEndpointModeRequired, + "aidModeUnset", SdkGoTypes.Aws.AccountIDEndpointModeUnset, + "aidModeDisabled", SdkGoTypes.Aws.AccountIDEndpointModeDisabled, + "errorf", GoStdlibTypes.Fmt.Errorf, + "string", SdkGoTypes.Aws.String + ) + )); + } +} diff --git a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/AwsAuthResolution.java b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/AwsAuthResolution.java index e5ead8d3449..6f7eeba93a0 100644 --- a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/AwsAuthResolution.java +++ b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/AwsAuthResolution.java @@ -95,7 +95,7 @@ private boolean isSigV4Service(Model model, ServiceShape service) { private GoWriter.Writable writeRegionResolver() { return goTemplate(""" - func bindAuthParamsRegion(params $P, _ interface{}, options Options, _ interface{}) { + func bindAuthParamsRegion( _ interface{}, params $P, _ interface{}, options Options) { params.Region = options.Region } """, AuthParametersGenerator.STRUCT_SYMBOL); @@ -103,9 +103,9 @@ func bindAuthParamsRegion(params $P, _ interface{}, options Options, _ interface private GoWriter.Writable writeEndpointParamResolver() { return goTemplate(""" - func bindAuthEndpointParams(params $P, input interface{}, options Options, ctx $P) { - params.endpointParams = bindEndpointParams(input, options, ctx) + func bindAuthEndpointParams(ctx $P, params $P, input interface{}, options Options) { + params.endpointParams = bindEndpointParams(ctx, input, options) } - """, AuthParametersGenerator.STRUCT_SYMBOL, GoStdlibTypes.Context.Context); + """, GoStdlibTypes.Context.Context, AuthParametersGenerator.STRUCT_SYMBOL); } } \ No newline at end of file diff --git a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/AwsEndpointBuiltins.java b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/AwsEndpointBuiltins.java index ba206657cfd..ed4d008f0d9 100644 --- a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/AwsEndpointBuiltins.java +++ b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/AwsEndpointBuiltins.java @@ -33,7 +33,7 @@ public class AwsEndpointBuiltins implements GoIntegration { private static final GoWriter.Writable BindAwsS3DisableMultiRegionAccessPoints = goTemplate("$T(options.DisableMultiRegionAccessPoints)", SdkGoTypes.Aws.Bool); private static final GoWriter.Writable BindAccountID = - goTemplate("$T(getIdentity(ctx), options.AccountIDEndpointMode)", SdkGoTypes.Aws.AccountID.AccountID); + goTemplate("accountID(getIdentity(ctx), options.AccountIDEndpointMode)"); @Override public List getClientPlugins() { diff --git a/codegen/smithy-aws-go-codegen/src/main/resources/META-INF/services/software.amazon.smithy.go.codegen.integration.GoIntegration b/codegen/smithy-aws-go-codegen/src/main/resources/META-INF/services/software.amazon.smithy.go.codegen.integration.GoIntegration index fa7533ac3dd..461e3e2b9db 100644 --- a/codegen/smithy-aws-go-codegen/src/main/resources/META-INF/services/software.amazon.smithy.go.codegen.integration.GoIntegration +++ b/codegen/smithy-aws-go-codegen/src/main/resources/META-INF/services/software.amazon.smithy.go.codegen.integration.GoIntegration @@ -73,3 +73,4 @@ software.amazon.smithy.aws.go.codegen.customization.auth.S3ExpressAuthScheme software.amazon.smithy.aws.go.codegen.customization.S3BucketContext software.amazon.smithy.aws.go.codegen.customization.s3.ExpressDefaultChecksum software.amazon.smithy.aws.go.codegen.customization.auth.GlobalAnonymousOption +software.amazon.smithy.aws.go.codegen.customization.AccountIDEndpointRouting diff --git a/config/env_config.go b/config/env_config.go index 73877c982de..3a06f1412a7 100644 --- a/config/env_config.go +++ b/config/env_config.go @@ -4,7 +4,6 @@ import ( "bytes" "context" "fmt" - "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" "io" "io/ioutil" "os" @@ -296,7 +295,7 @@ type EnvConfig struct { S3DisableExpressAuth *bool // Indicates whether account ID will be required/ignored in endpoint2.0 routing - AccountIDEndpointMode mode.AIDMode + AccountIDEndpointMode aws.AccountIDEndpointMode } // loadEnvConfig reads configuration values from the OS's environment variables. @@ -429,7 +428,7 @@ func (c EnvConfig) getRequestMinCompressSizeBytes(context.Context) (int64, bool, return *c.RequestMinCompressSizeBytes, true, nil } -func (c EnvConfig) getAccountIDEndpointMode(context.Context) (mode.AIDMode, bool, error) { +func (c EnvConfig) getAccountIDEndpointMode(context.Context) (aws.AccountIDEndpointMode, bool, error) { return c.AccountIDEndpointMode, len(c.AccountIDEndpointMode) > 0, nil } @@ -507,14 +506,22 @@ func setEC2IMDSEndpointMode(mode *imds.EndpointModeState, keys []string) error { return nil } -func setAIDEndPointModeFromEnvVal(mode *mode.AIDMode, keys []string) error { +func setAIDEndPointModeFromEnvVal(m *aws.AccountIDEndpointMode, keys []string) error { for _, k := range keys { value := os.Getenv(k) if len(value) == 0 { continue } - if err := mode.SetFromString(value); err != nil { - return fmt.Errorf("invalid value for environment variable, %s=%s, %v", k, value, err) + + switch value { + case "preferred": + *m = aws.AccountIDEndpointModePreferred + case "required": + *m = aws.AccountIDEndpointModeRequired + case "disabled": + *m = aws.AccountIDEndpointModeDisabled + default: + return fmt.Errorf("invalid value for environment variable, %s=%s, must be preferred/required/disabled", k, value) } break } diff --git a/config/env_config_test.go b/config/env_config_test.go index 2813763dc9e..cf9ae4f34fe 100644 --- a/config/env_config_test.go +++ b/config/env_config_test.go @@ -1,7 +1,6 @@ package config import ( - "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" "os" "reflect" "strconv" @@ -514,7 +513,7 @@ func TestNewEnvConfig(t *testing.T) { "AWS_ACCOUNT_ID_ENDPOINT_MODE": "required", }, Config: EnvConfig{ - AccountIDEndpointMode: mode.Required, + AccountIDEndpointMode: aws.AccountIDEndpointModeRequired, }, WantErr: false, }, diff --git a/config/load_options.go b/config/load_options.go index 50bd8428342..2c25d135c9d 100644 --- a/config/load_options.go +++ b/config/load_options.go @@ -5,7 +5,6 @@ import ( "io" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" "github.com/aws/aws-sdk-go-v2/credentials/ec2rolecreds" "github.com/aws/aws-sdk-go-v2/credentials/endpointcreds" "github.com/aws/aws-sdk-go-v2/credentials/processcreds" @@ -217,7 +216,7 @@ type LoadOptions struct { // Whether S3 Express auth is disabled. S3DisableExpressAuth *bool - AccountIDEndpointMode mode.AIDMode + AccountIDEndpointMode aws.AccountIDEndpointMode } func (o LoadOptions) getDefaultsMode(ctx context.Context) (aws.DefaultsMode, bool, error) { @@ -281,7 +280,7 @@ func (o LoadOptions) getRequestMinCompressSizeBytes(ctx context.Context) (int64, return *o.RequestMinCompressSizeBytes, true, nil } -func (o LoadOptions) getAccountIDEndpointMode(ctx context.Context) (mode.AIDMode, bool, error) { +func (o LoadOptions) getAccountIDEndpointMode(ctx context.Context) (aws.AccountIDEndpointMode, bool, error) { return o.AccountIDEndpointMode, len(o.AccountIDEndpointMode) > 0, nil } @@ -332,7 +331,7 @@ func WithRequestMinCompressSizeBytes(RequestMinCompressSizeBytes *int64) LoadOpt // WithAccountIDEndpointMode is a helper function to construct functional options // that sets AccountIDEndpointMode on config's LoadOptions -func WithAccountIDEndpointMode(m mode.AIDMode) LoadOptionsFunc { +func WithAccountIDEndpointMode(m aws.AccountIDEndpointMode) LoadOptionsFunc { return func(o *LoadOptions) error { if m != "" { o.AccountIDEndpointMode = m diff --git a/config/provider.go b/config/provider.go index 1098f4aab46..043781f1f77 100644 --- a/config/provider.go +++ b/config/provider.go @@ -2,7 +2,6 @@ package config import ( "context" - "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" "io" "net/http" @@ -228,10 +227,10 @@ func getRequestMinCompressSizeBytes(ctx context.Context, configs configs) (value // accountIDEndpointModeProvider provides access to the AccountIDEndpointMode type accountIDEndpointModeProvider interface { - getAccountIDEndpointMode(context.Context) (mode.AIDMode, bool, error) + getAccountIDEndpointMode(context.Context) (aws.AccountIDEndpointMode, bool, error) } -func getAccountIDEndpointMode(ctx context.Context, configs configs) (value mode.AIDMode, found bool, err error) { +func getAccountIDEndpointMode(ctx context.Context, configs configs) (value aws.AccountIDEndpointMode, found bool, err error) { for _, cfg := range configs { if p, ok := cfg.(accountIDEndpointModeProvider); ok { value, found, err = p.getAccountIDEndpointMode(ctx) diff --git a/config/resolve.go b/config/resolve.go index 6113e6181a4..41009c7da06 100644 --- a/config/resolve.go +++ b/config/resolve.go @@ -5,7 +5,6 @@ import ( "crypto/tls" "crypto/x509" "fmt" - "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" "io/ioutil" "net/http" "os" @@ -176,7 +175,7 @@ func resolveAccountIDEndpointMode(ctx context.Context, cfg *aws.Config, configs } if !found { - m = mode.Preferred + m = aws.AccountIDEndpointModePreferred } cfg.AccountIDEndpointMode = m diff --git a/config/resolve_test.go b/config/resolve_test.go index a3485f3b57a..e0268500072 100644 --- a/config/resolve_test.go +++ b/config/resolve_test.go @@ -4,7 +4,6 @@ import ( "bytes" "context" "encoding/json" - "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" "io/ioutil" "net/http" "net/http/httptest" @@ -233,15 +232,15 @@ func TestResolveDisableRequestCompression(t *testing.T) { func TestResolveAccountIDEndpointMode(t *testing.T) { cases := map[string]struct { - AccountIDEndpointMode mode.AIDMode - ExpectMode mode.AIDMode + AccountIDEndpointMode aws.AccountIDEndpointMode + ExpectMode aws.AccountIDEndpointMode }{ "accountID required for endpoint routing": { - AccountIDEndpointMode: mode.Required, - ExpectMode: mode.Required, + AccountIDEndpointMode: aws.AccountIDEndpointModeRequired, + ExpectMode: aws.AccountIDEndpointModeRequired, }, "accountID unset": { - ExpectMode: mode.Preferred, + ExpectMode: aws.AccountIDEndpointModePreferred, }, } diff --git a/config/shared_config.go b/config/shared_config.go index 08ba4c885c2..d7a2b5307ea 100644 --- a/config/shared_config.go +++ b/config/shared_config.go @@ -5,7 +5,6 @@ import ( "context" "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" "io" "io/ioutil" "os" @@ -346,7 +345,7 @@ type SharedConfig struct { // associated with the feature. S3DisableExpressAuth *bool - AccountIDEndpointMode mode.AIDMode + AccountIDEndpointMode aws.AccountIDEndpointMode } func (c SharedConfig) getDefaultsMode(ctx context.Context) (value aws.DefaultsMode, ok bool, err error) { @@ -1188,14 +1187,21 @@ func updateDisableRequestCompression(disable **bool, sec ini.Section, key string return nil } -func updateAIDEndpointMode(m *mode.AIDMode, sec ini.Section, key string) error { +func updateAIDEndpointMode(m *aws.AccountIDEndpointMode, sec ini.Section, key string) error { if !sec.Has(key) { return nil } v := sec.String(key) - if err := m.SetFromString(v); err != nil { - return fmt.Errorf("invalid value: %s, %q", v, err) + switch v { + case "preferred": + *m = aws.AccountIDEndpointModePreferred + case "required": + *m = aws.AccountIDEndpointModeRequired + case "disabled": + *m = aws.AccountIDEndpointModeDisabled + default: + return fmt.Errorf("invalid value for shared config profile field, %s=%s, must be preferred/required/disabled", key, v) } return nil @@ -1215,7 +1221,7 @@ func (c SharedConfig) getDisableRequestCompression(ctx context.Context) (bool, b return *c.DisableRequestCompression, true, nil } -func (c SharedConfig) getAccountIDEndpointMode(ctx context.Context) (mode.AIDMode, bool, error) { +func (c SharedConfig) getAccountIDEndpointMode(ctx context.Context) (aws.AccountIDEndpointMode, bool, error) { return c.AccountIDEndpointMode, len(c.AccountIDEndpointMode) > 0, nil } diff --git a/config/shared_config_test.go b/config/shared_config_test.go index 82f99f37fc7..d05fd41e6ba 100644 --- a/config/shared_config_test.go +++ b/config/shared_config_test.go @@ -4,7 +4,6 @@ import ( "bytes" "context" "fmt" - "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" "path/filepath" "reflect" "strconv" @@ -749,7 +748,7 @@ func TestNewSharedConfig(t *testing.T) { Profile: "account_id_endpoint_mode", Expected: SharedConfig{ Profile: "account_id_endpoint_mode", - AccountIDEndpointMode: mode.Disabled, + AccountIDEndpointMode: aws.AccountIDEndpointModeDisabled, }, }, "profile with invalid account ID endpoint mode": { @@ -758,7 +757,7 @@ func TestNewSharedConfig(t *testing.T) { Expected: SharedConfig{ Profile: "account_id_endpoint_mode_error", }, - Err: fmt.Errorf("unknown account id mode, must be preferred/required/disabled"), + Err: fmt.Errorf("invalid value for shared config profile field, account_id_endpoint_mode=blabla, must be preferred/required/disabled"), }, } From 02e7fdeee14cef01637eed0636470806e6b8bf71 Mon Sep 17 00:00:00 2001 From: Tianyi Wang Date: Tue, 6 Feb 2024 15:22:45 -0500 Subject: [PATCH 10/20] remove unexported service feature --- ...pi_op_UpdateKinesisStreamingDestination.go | 207 ------------------ 1 file changed, 207 deletions(-) delete mode 100644 service/dynamodb/api_op_UpdateKinesisStreamingDestination.go diff --git a/service/dynamodb/api_op_UpdateKinesisStreamingDestination.go b/service/dynamodb/api_op_UpdateKinesisStreamingDestination.go deleted file mode 100644 index 4c727233ec6..00000000000 --- a/service/dynamodb/api_op_UpdateKinesisStreamingDestination.go +++ /dev/null @@ -1,207 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package dynamodb - -import ( - "context" - "fmt" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - "github.com/aws/aws-sdk-go-v2/service/dynamodb/types" - internalEndpointDiscovery "github.com/aws/aws-sdk-go-v2/service/internal/endpoint-discovery" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// The command to update the Kinesis stream destination. -func (c *Client) UpdateKinesisStreamingDestination(ctx context.Context, params *UpdateKinesisStreamingDestinationInput, optFns ...func(*Options)) (*UpdateKinesisStreamingDestinationOutput, error) { - if params == nil { - params = &UpdateKinesisStreamingDestinationInput{} - } - - result, metadata, err := c.invokeOperation(ctx, "UpdateKinesisStreamingDestination", params, optFns, c.addOperationUpdateKinesisStreamingDestinationMiddlewares) - if err != nil { - return nil, err - } - - out := result.(*UpdateKinesisStreamingDestinationOutput) - out.ResultMetadata = metadata - return out, nil -} - -type UpdateKinesisStreamingDestinationInput struct { - - // The ARN for the Kinesis stream input. - // - // This member is required. - StreamArn *string - - // The table name for the Kinesis streaming destination input. - // - // This member is required. - TableName *string - - // The command to update the Kinesis stream configuration. - UpdateKinesisStreamingConfiguration *types.UpdateKinesisStreamingConfiguration - - noSmithyDocumentSerde -} - -type UpdateKinesisStreamingDestinationOutput struct { - - // The status of the attempt to update the Kinesis streaming destination output. - DestinationStatus types.DestinationStatus - - // The ARN for the Kinesis stream input. - StreamArn *string - - // The table name for the Kinesis streaming destination output. - TableName *string - - // The command to update the Kinesis streaming destination configuration. - UpdateKinesisStreamingConfiguration *types.UpdateKinesisStreamingConfiguration - - // Metadata pertaining to the operation's result. - ResultMetadata middleware.Metadata - - noSmithyDocumentSerde -} - -func (c *Client) addOperationUpdateKinesisStreamingDestinationMiddlewares(stack *middleware.Stack, options Options) (err error) { - if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { - return err - } - err = stack.Serialize.Add(&awsAwsjson10_serializeOpUpdateKinesisStreamingDestination{}, middleware.After) - if err != nil { - return err - } - err = stack.Deserialize.Add(&awsAwsjson10_deserializeOpUpdateKinesisStreamingDestination{}, middleware.After) - if err != nil { - return err - } - if err := addProtocolFinalizerMiddlewares(stack, options, "UpdateKinesisStreamingDestination"); err != nil { - return fmt.Errorf("add protocol finalizers: %v", err) - } - - if err = addlegacyEndpointContextSetter(stack, options); err != nil { - return err - } - if err = addSetLoggerMiddleware(stack, options); err != nil { - return err - } - if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil { - return err - } - if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil { - return err - } - if err = addResolveEndpointMiddleware(stack, options); err != nil { - return err - } - if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil { - return err - } - if err = addRetryMiddlewares(stack, options); err != nil { - return err - } - if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { - return err - } - if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil { - return err - } - if err = addClientUserAgent(stack, options); err != nil { - return err - } - if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = addOpUpdateKinesisStreamingDestinationDiscoverEndpointMiddleware(stack, options, c); err != nil { - return err - } - if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { - return err - } - if err = addOpUpdateKinesisStreamingDestinationValidationMiddleware(stack); err != nil { - return err - } - if err = stack.Initialize.Add(newServiceMetadataMiddleware_opUpdateKinesisStreamingDestination(options.Region), middleware.Before); err != nil { - return err - } - if err = awsmiddleware.AddRecursionDetection(stack); err != nil { - return err - } - if err = addRequestIDRetrieverMiddleware(stack); err != nil { - return err - } - if err = addResponseErrorMiddleware(stack); err != nil { - return err - } - if err = addValidateResponseChecksum(stack, options); err != nil { - return err - } - if err = addAcceptEncodingGzip(stack, options); err != nil { - return err - } - if err = addRequestResponseLogging(stack, options); err != nil { - return err - } - if err = addDisableHTTPSMiddleware(stack, options); err != nil { - return err - } - return nil -} - -func addOpUpdateKinesisStreamingDestinationDiscoverEndpointMiddleware(stack *middleware.Stack, o Options, c *Client) error { - return stack.Finalize.Insert(&internalEndpointDiscovery.DiscoverEndpoint{ - Options: []func(*internalEndpointDiscovery.DiscoverEndpointOptions){ - func(opt *internalEndpointDiscovery.DiscoverEndpointOptions) { - opt.DisableHTTPS = o.EndpointOptions.DisableHTTPS - opt.Logger = o.Logger - }, - }, - DiscoverOperation: c.fetchOpUpdateKinesisStreamingDestinationDiscoverEndpoint, - EndpointDiscoveryEnableState: o.EndpointDiscovery.EnableEndpointDiscovery, - EndpointDiscoveryRequired: false, - Region: o.Region, - }, "ResolveEndpointV2", middleware.After) -} - -func (c *Client) fetchOpUpdateKinesisStreamingDestinationDiscoverEndpoint(ctx context.Context, region string, optFns ...func(*internalEndpointDiscovery.DiscoverEndpointOptions)) (internalEndpointDiscovery.WeightedAddress, error) { - input := getOperationInput(ctx) - in, ok := input.(*UpdateKinesisStreamingDestinationInput) - if !ok { - return internalEndpointDiscovery.WeightedAddress{}, fmt.Errorf("unknown input type %T", input) - } - _ = in - - identifierMap := make(map[string]string, 0) - identifierMap["sdk#Region"] = region - - key := fmt.Sprintf("DynamoDB.%v", identifierMap) - - if v, ok := c.endpointCache.Get(key); ok { - return v, nil - } - - discoveryOperationInput := &DescribeEndpointsInput{} - - opt := internalEndpointDiscovery.DiscoverEndpointOptions{} - for _, fn := range optFns { - fn(&opt) - } - - go c.handleEndpointDiscoveryFromService(ctx, discoveryOperationInput, region, key, opt) - return internalEndpointDiscovery.WeightedAddress{}, nil -} - -func newServiceMetadataMiddleware_opUpdateKinesisStreamingDestination(region string) *awsmiddleware.RegisterServiceMetadata { - return &awsmiddleware.RegisterServiceMetadata{ - Region: region, - ServiceID: ServiceID, - OperationName: "UpdateKinesisStreamingDestination", - } -} From 5764f5c5eabe5734189f43f674271cbffac355f6 Mon Sep 17 00:00:00 2001 From: Tianyi Wang Date: Tue, 6 Feb 2024 16:30:07 -0500 Subject: [PATCH 11/20] restore dynamodb model and service --- codegen/sdk-codegen/aws-models/dynamodb.json | 182 +---------- service/dynamodb/api_client.go | 19 +- ...i_op_DisableKinesisStreamingDestination.go | 6 - ...pi_op_EnableKinesisStreamingDestination.go | 6 - service/dynamodb/auth.go | 8 +- service/dynamodb/deserializers.go | 285 ------------------ service/dynamodb/endpoints.go | 8 +- service/dynamodb/generated.json | 1 - service/dynamodb/options.go | 4 - service/dynamodb/serializers.go | 117 ------- service/dynamodb/types/enums.go | 21 -- service/dynamodb/types/types.go | 27 +- service/dynamodb/validators.go | 42 --- 13 files changed, 19 insertions(+), 707 deletions(-) diff --git a/codegen/sdk-codegen/aws-models/dynamodb.json b/codegen/sdk-codegen/aws-models/dynamodb.json index 29015a76316..c47b042f527 100644 --- a/codegen/sdk-codegen/aws-models/dynamodb.json +++ b/codegen/sdk-codegen/aws-models/dynamodb.json @@ -25,35 +25,10 @@ { "id": "Service", "namespace": "*" - }, - { - "id": "RuleSetAwsBuiltIn.AWS::Auth::AccountId", - "namespace": "*" - }, - { - "id": "RuleSetParameter.TestCase.Unused", - "namespace": "*" } ] }, "shapes": { - "com.amazonaws.dynamodb#ApproximateCreationDateTimePrecision": { - "type": "enum", - "members": { - "MILLISECOND": { - "target": "smithy.api#Unit", - "traits": { - "smithy.api#enumValue": "MILLISECOND" - } - }, - "MICROSECOND": { - "target": "smithy.api#Unit", - "traits": { - "smithy.api#enumValue": "MICROSECOND" - } - } - } - }, "com.amazonaws.dynamodb#ArchivalReason": { "type": "string" }, @@ -3500,12 +3475,6 @@ "traits": { "smithy.api#enumValue": "ENABLE_FAILED" } - }, - "UPDATING": { - "target": "smithy.api#Unit", - "traits": { - "smithy.api#enumValue": "UPDATING" - } } } }, @@ -3710,9 +3679,6 @@ { "target": "com.amazonaws.dynamodb#UpdateItem" }, - { - "target": "com.amazonaws.dynamodb#UpdateKinesisStreamingDestination" - }, { "target": "com.amazonaws.dynamodb#UpdateTable" }, @@ -3747,12 +3713,6 @@ "smithy.rules#endpointRuleSet": { "version": "1.0", "parameters": { - "AccountId": { - "builtIn": "AWS::Auth::AccountId", - "required": false, - "documentation": "The AWS account ID.", - "type": "String" - }, "Region": { "builtIn": "AWS::Region", "required": false, @@ -4831,20 +4791,6 @@ } } }, - "com.amazonaws.dynamodb#EnableKinesisStreamingConfiguration": { - "type": "structure", - "members": { - "ApproximateCreationDateTimePrecision": { - "target": "com.amazonaws.dynamodb#ApproximateCreationDateTimePrecision", - "traits": { - "smithy.api#documentation": "

Toggle for the precision of Kinesis data stream timestamp. The values are either MILLISECOND or MICROSECOND.

" - } - } - }, - "traits": { - "smithy.api#documentation": "

Enables setting the configuration for Kinesis Streaming.

" - } - }, "com.amazonaws.dynamodb#EnableKinesisStreamingDestination": { "type": "operation", "input": { @@ -7013,12 +6959,6 @@ "traits": { "smithy.api#documentation": "

The human-readable string that corresponds to the replica status.

" } - }, - "ApproximateCreationDateTimePrecision": { - "target": "com.amazonaws.dynamodb#ApproximateCreationDateTimePrecision", - "traits": { - "smithy.api#documentation": "

The precision of the Kinesis data stream timestamp. The values are either MILLISECOND or MICROSECOND.

" - } } }, "traits": { @@ -7047,12 +6987,6 @@ "smithy.api#documentation": "

The ARN for a Kinesis data stream.

", "smithy.api#required": {} } - }, - "EnableKinesisStreamingConfiguration": { - "target": "com.amazonaws.dynamodb#EnableKinesisStreamingConfiguration", - "traits": { - "smithy.api#documentation": "

The source for the Kinesis streaming information that is being enabled.

" - } } } }, @@ -7076,12 +7010,6 @@ "traits": { "smithy.api#documentation": "

The current status of the replication.

" } - }, - "EnableKinesisStreamingConfiguration": { - "target": "com.amazonaws.dynamodb#EnableKinesisStreamingConfiguration", - "traits": { - "smithy.api#documentation": "

The destination for the Kinesis streaming information that is being enabled.

" - } } } }, @@ -7849,7 +7777,7 @@ "Statement": { "target": "com.amazonaws.dynamodb#PartiQLStatement", "traits": { - "smithy.api#documentation": "

A PartiQL statement that uses parameters.

", + "smithy.api#documentation": "

A PartiQL statment that uses parameters.

", "smithy.api#required": {} } }, @@ -7867,7 +7795,7 @@ } }, "traits": { - "smithy.api#documentation": "

Represents a PartiQL statement that uses parameters.

" + "smithy.api#documentation": "

Represents a PartiQL statment that uses parameters.

" } }, "com.amazonaws.dynamodb#ParameterizedStatements": { @@ -11815,112 +11743,6 @@ "smithy.api#output": {} } }, - "com.amazonaws.dynamodb#UpdateKinesisStreamingConfiguration": { - "type": "structure", - "members": { - "ApproximateCreationDateTimePrecision": { - "target": "com.amazonaws.dynamodb#ApproximateCreationDateTimePrecision", - "traits": { - "smithy.api#documentation": "

Enables updating the precision of Kinesis data stream timestamp.

" - } - } - }, - "traits": { - "smithy.api#documentation": "

Enables updating the configuration for Kinesis Streaming.

" - } - }, - "com.amazonaws.dynamodb#UpdateKinesisStreamingDestination": { - "type": "operation", - "input": { - "target": "com.amazonaws.dynamodb#UpdateKinesisStreamingDestinationInput" - }, - "output": { - "target": "com.amazonaws.dynamodb#UpdateKinesisStreamingDestinationOutput" - }, - "errors": [ - { - "target": "com.amazonaws.dynamodb#InternalServerError" - }, - { - "target": "com.amazonaws.dynamodb#InvalidEndpointException" - }, - { - "target": "com.amazonaws.dynamodb#LimitExceededException" - }, - { - "target": "com.amazonaws.dynamodb#ResourceInUseException" - }, - { - "target": "com.amazonaws.dynamodb#ResourceNotFoundException" - } - ], - "traits": { - "aws.api#clientDiscoveredEndpoint": { - "required": false - }, - "smithy.api#documentation": "

The command to update the Kinesis stream destination.

" - } - }, - "com.amazonaws.dynamodb#UpdateKinesisStreamingDestinationInput": { - "type": "structure", - "members": { - "TableName": { - "target": "com.amazonaws.dynamodb#TableName", - "traits": { - "smithy.api#documentation": "

The table name for the Kinesis streaming destination input.

", - "smithy.api#required": {} - } - }, - "StreamArn": { - "target": "com.amazonaws.dynamodb#StreamArn", - "traits": { - "smithy.api#documentation": "

The ARN for the Kinesis stream input.

", - "smithy.api#required": {} - } - }, - "UpdateKinesisStreamingConfiguration": { - "target": "com.amazonaws.dynamodb#UpdateKinesisStreamingConfiguration", - "traits": { - "smithy.api#documentation": "

The command to update the Kinesis stream configuration.

" - } - } - }, - "traits": { - "smithy.api#input": {} - } - }, - "com.amazonaws.dynamodb#UpdateKinesisStreamingDestinationOutput": { - "type": "structure", - "members": { - "TableName": { - "target": "com.amazonaws.dynamodb#TableName", - "traits": { - "smithy.api#documentation": "

The table name for the Kinesis streaming destination output.

" - } - }, - "StreamArn": { - "target": "com.amazonaws.dynamodb#StreamArn", - "traits": { - "smithy.api#documentation": "

The ARN for the Kinesis stream input.

" - } - }, - "DestinationStatus": { - "target": "com.amazonaws.dynamodb#DestinationStatus", - "traits": { - "smithy.api#documentation": "

The status of the attempt to update the Kinesis streaming destination output.

" - } - }, - "UpdateKinesisStreamingConfiguration": { - "target": "com.amazonaws.dynamodb#UpdateKinesisStreamingConfiguration", - "traits": { - "smithy.api#documentation": "

The command to update the Kinesis streaming destination configuration.

" - } - } - }, - "traits": { - "smithy.api#output": {} - } - }, "com.amazonaws.dynamodb#UpdateReplicationGroupMemberAction": { "type": "structure", "members": { diff --git a/service/dynamodb/api_client.go b/service/dynamodb/api_client.go index 5de5404890c..6e54d0328d2 100644 --- a/service/dynamodb/api_client.go +++ b/service/dynamodb/api_client.go @@ -245,16 +245,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - AccountIDEndpointMode: cfg.AccountIDEndpointMode, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/service/dynamodb/api_op_DisableKinesisStreamingDestination.go b/service/dynamodb/api_op_DisableKinesisStreamingDestination.go index 61f0972ee73..81b43d04dfe 100644 --- a/service/dynamodb/api_op_DisableKinesisStreamingDestination.go +++ b/service/dynamodb/api_op_DisableKinesisStreamingDestination.go @@ -42,9 +42,6 @@ type DisableKinesisStreamingDestinationInput struct { // This member is required. TableName *string - // The source for the Kinesis streaming information that is being enabled. - EnableKinesisStreamingConfiguration *types.EnableKinesisStreamingConfiguration - noSmithyDocumentSerde } @@ -53,9 +50,6 @@ type DisableKinesisStreamingDestinationOutput struct { // The current status of the replication. DestinationStatus types.DestinationStatus - // The destination for the Kinesis streaming information that is being enabled. - EnableKinesisStreamingConfiguration *types.EnableKinesisStreamingConfiguration - // The ARN for the specific Kinesis data stream. StreamArn *string diff --git a/service/dynamodb/api_op_EnableKinesisStreamingDestination.go b/service/dynamodb/api_op_EnableKinesisStreamingDestination.go index 9532e9e42a7..6eee7606b65 100644 --- a/service/dynamodb/api_op_EnableKinesisStreamingDestination.go +++ b/service/dynamodb/api_op_EnableKinesisStreamingDestination.go @@ -44,9 +44,6 @@ type EnableKinesisStreamingDestinationInput struct { // This member is required. TableName *string - // The source for the Kinesis streaming information that is being enabled. - EnableKinesisStreamingConfiguration *types.EnableKinesisStreamingConfiguration - noSmithyDocumentSerde } @@ -55,9 +52,6 @@ type EnableKinesisStreamingDestinationOutput struct { // The current status of the replication. DestinationStatus types.DestinationStatus - // The destination for the Kinesis streaming information that is being enabled. - EnableKinesisStreamingConfiguration *types.EnableKinesisStreamingConfiguration - // The ARN for the specific Kinesis data stream. StreamArn *string diff --git a/service/dynamodb/auth.go b/service/dynamodb/auth.go index 19ff64081f5..817a2851839 100644 --- a/service/dynamodb/auth.go +++ b/service/dynamodb/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options, _ interface{}) { +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options, ctx context.Context) *AuthResolverParameters { +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options, ctx) + bindAuthParamsRegion(params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options, ctx) + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/dynamodb/deserializers.go b/service/dynamodb/deserializers.go index 002ce8b9d6c..ccb22609a36 100644 --- a/service/dynamodb/deserializers.go +++ b/service/dynamodb/deserializers.go @@ -6023,129 +6023,6 @@ func awsAwsjson10_deserializeOpErrorUpdateItem(response *smithyhttp.Response, me } } -type awsAwsjson10_deserializeOpUpdateKinesisStreamingDestination struct { -} - -func (*awsAwsjson10_deserializeOpUpdateKinesisStreamingDestination) ID() string { - return "OperationDeserializer" -} - -func (m *awsAwsjson10_deserializeOpUpdateKinesisStreamingDestination) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err = next.HandleDeserialize(ctx, in) - if err != nil { - return out, metadata, err - } - - response, ok := out.RawResponse.(*smithyhttp.Response) - if !ok { - return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} - } - - if response.StatusCode < 200 || response.StatusCode >= 300 { - return out, metadata, awsAwsjson10_deserializeOpErrorUpdateKinesisStreamingDestination(response, &metadata) - } - output := &UpdateKinesisStreamingDestinationOutput{} - out.Result = output - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(response.Body, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - err = awsAwsjson10_deserializeOpDocumentUpdateKinesisStreamingDestinationOutput(&output, shape) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - return out, metadata, err -} - -func awsAwsjson10_deserializeOpErrorUpdateKinesisStreamingDestination(response *smithyhttp.Response, metadata *middleware.Metadata) error { - var errorBuffer bytes.Buffer - if _, err := io.Copy(&errorBuffer, response.Body); err != nil { - return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} - } - errorBody := bytes.NewReader(errorBuffer.Bytes()) - - errorCode := "UnknownError" - errorMessage := errorCode - - headerCode := response.Header.Get("X-Amzn-ErrorType") - if len(headerCode) != 0 { - errorCode = restjson.SanitizeErrorCode(headerCode) - } - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - jsonCode, message, err := restjson.GetErrorInfo(decoder) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - if len(headerCode) == 0 && len(jsonCode) != 0 { - errorCode = restjson.SanitizeErrorCode(jsonCode) - } - if len(message) != 0 { - errorMessage = message - } - - switch { - case strings.EqualFold("InternalServerError", errorCode): - return awsAwsjson10_deserializeErrorInternalServerError(response, errorBody) - - case strings.EqualFold("InvalidEndpointException", errorCode): - return awsAwsjson10_deserializeErrorInvalidEndpointException(response, errorBody) - - case strings.EqualFold("LimitExceededException", errorCode): - return awsAwsjson10_deserializeErrorLimitExceededException(response, errorBody) - - case strings.EqualFold("ResourceInUseException", errorCode): - return awsAwsjson10_deserializeErrorResourceInUseException(response, errorBody) - - case strings.EqualFold("ResourceNotFoundException", errorCode): - return awsAwsjson10_deserializeErrorResourceNotFoundException(response, errorBody) - - default: - genericError := &smithy.GenericAPIError{ - Code: errorCode, - Message: errorMessage, - } - return genericError - - } -} - type awsAwsjson10_deserializeOpUpdateTable struct { } @@ -9784,46 +9661,6 @@ func awsAwsjson10_deserializeDocumentDuplicateItemException(v **types.DuplicateI return nil } -func awsAwsjson10_deserializeDocumentEnableKinesisStreamingConfiguration(v **types.EnableKinesisStreamingConfiguration, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *types.EnableKinesisStreamingConfiguration - if *v == nil { - sv = &types.EnableKinesisStreamingConfiguration{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "ApproximateCreationDateTimePrecision": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected ApproximateCreationDateTimePrecision to be of type string, got %T instead", value) - } - sv.ApproximateCreationDateTimePrecision = types.ApproximateCreationDateTimePrecision(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - func awsAwsjson10_deserializeDocumentEndpoint(v **types.Endpoint, value interface{}) error { if v == nil { return fmt.Errorf("unexpected nil of type %T", v) @@ -12347,15 +12184,6 @@ func awsAwsjson10_deserializeDocumentKinesisDataStreamDestination(v **types.Kine for key, value := range shape { switch key { - case "ApproximateCreationDateTimePrecision": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected ApproximateCreationDateTimePrecision to be of type string, got %T instead", value) - } - sv.ApproximateCreationDateTimePrecision = types.ApproximateCreationDateTimePrecision(jtv) - } - case "DestinationStatus": if value != nil { jtv, ok := value.(string) @@ -15659,46 +15487,6 @@ func awsAwsjson10_deserializeDocumentTransactionInProgressException(v **types.Tr return nil } -func awsAwsjson10_deserializeDocumentUpdateKinesisStreamingConfiguration(v **types.UpdateKinesisStreamingConfiguration, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *types.UpdateKinesisStreamingConfiguration - if *v == nil { - sv = &types.UpdateKinesisStreamingConfiguration{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "ApproximateCreationDateTimePrecision": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected ApproximateCreationDateTimePrecision to be of type string, got %T instead", value) - } - sv.ApproximateCreationDateTimePrecision = types.ApproximateCreationDateTimePrecision(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - func awsAwsjson10_deserializeDocumentWriteRequest(v **types.WriteRequest, value interface{}) error { if v == nil { return fmt.Errorf("unexpected nil of type %T", v) @@ -16745,11 +16533,6 @@ func awsAwsjson10_deserializeOpDocumentDisableKinesisStreamingDestinationOutput( sv.DestinationStatus = types.DestinationStatus(jtv) } - case "EnableKinesisStreamingConfiguration": - if err := awsAwsjson10_deserializeDocumentEnableKinesisStreamingConfiguration(&sv.EnableKinesisStreamingConfiguration, value); err != nil { - return err - } - case "StreamArn": if value != nil { jtv, ok := value.(string) @@ -16808,11 +16591,6 @@ func awsAwsjson10_deserializeOpDocumentEnableKinesisStreamingDestinationOutput(v sv.DestinationStatus = types.DestinationStatus(jtv) } - case "EnableKinesisStreamingConfiguration": - if err := awsAwsjson10_deserializeDocumentEnableKinesisStreamingConfiguration(&sv.EnableKinesisStreamingConfiguration, value); err != nil { - return err - } - case "StreamArn": if value != nil { jtv, ok := value.(string) @@ -17929,69 +17707,6 @@ func awsAwsjson10_deserializeOpDocumentUpdateItemOutput(v **UpdateItemOutput, va return nil } -func awsAwsjson10_deserializeOpDocumentUpdateKinesisStreamingDestinationOutput(v **UpdateKinesisStreamingDestinationOutput, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *UpdateKinesisStreamingDestinationOutput - if *v == nil { - sv = &UpdateKinesisStreamingDestinationOutput{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "DestinationStatus": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected DestinationStatus to be of type string, got %T instead", value) - } - sv.DestinationStatus = types.DestinationStatus(jtv) - } - - case "StreamArn": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected StreamArn to be of type string, got %T instead", value) - } - sv.StreamArn = ptr.String(jtv) - } - - case "TableName": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected TableName to be of type string, got %T instead", value) - } - sv.TableName = ptr.String(jtv) - } - - case "UpdateKinesisStreamingConfiguration": - if err := awsAwsjson10_deserializeDocumentUpdateKinesisStreamingConfiguration(&sv.UpdateKinesisStreamingConfiguration, value); err != nil { - return err - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - func awsAwsjson10_deserializeOpDocumentUpdateTableOutput(v **UpdateTableOutput, value interface{}) error { if v == nil { return fmt.Errorf("unexpected nil of type %T", v) diff --git a/service/dynamodb/endpoints.go b/service/dynamodb/endpoints.go index a750cef35aa..2b62d559bc9 100644 --- a/service/dynamodb/endpoints.go +++ b/service/dynamodb/endpoints.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/accountid" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/endpoints" @@ -490,7 +489,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options, ctx context.Context) *EndpointParameters { +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -519,9 +518,6 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { return next.HandleFinalize(ctx, in) } - if err := accountid.CheckAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { - return out, metadata, fmt.Errorf("invalid accountID set: %w", err) - } req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -532,7 +528,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options, ctx) + params := bindEndpointParams(getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/dynamodb/generated.json b/service/dynamodb/generated.json index 215c30f52ab..7043e391d65 100644 --- a/service/dynamodb/generated.json +++ b/service/dynamodb/generated.json @@ -62,7 +62,6 @@ "api_op_UpdateGlobalTable.go", "api_op_UpdateGlobalTableSettings.go", "api_op_UpdateItem.go", - "api_op_UpdateKinesisStreamingDestination.go", "api_op_UpdateTable.go", "api_op_UpdateTableReplicaAutoScaling.go", "api_op_UpdateTimeToLive.go", diff --git a/service/dynamodb/options.go b/service/dynamodb/options.go index 58dc0d91eec..bf88e3b7635 100644 --- a/service/dynamodb/options.go +++ b/service/dynamodb/options.go @@ -5,7 +5,6 @@ package dynamodb import ( "context" "github.com/aws/aws-sdk-go-v2/aws" - accountidmode "github.com/aws/aws-sdk-go-v2/aws/accountid/mode" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" smithyauth "github.com/aws/smithy-go/auth" @@ -25,9 +24,6 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error - // Indicates how aws account ID is applied in endpoint2.0 routing - AccountIDEndpointMode accountidmode.AIDMode - // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/dynamodb/serializers.go b/service/dynamodb/serializers.go index 833253c9199..0317bd60ff7 100644 --- a/service/dynamodb/serializers.go +++ b/service/dynamodb/serializers.go @@ -2767,61 +2767,6 @@ func (m *awsAwsjson10_serializeOpUpdateItem) HandleSerialize(ctx context.Context return next.HandleSerialize(ctx, in) } -type awsAwsjson10_serializeOpUpdateKinesisStreamingDestination struct { -} - -func (*awsAwsjson10_serializeOpUpdateKinesisStreamingDestination) ID() string { - return "OperationSerializer" -} - -func (m *awsAwsjson10_serializeOpUpdateKinesisStreamingDestination) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - request, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} - } - - input, ok := in.Parameters.(*UpdateKinesisStreamingDestinationInput) - _ = input - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} - } - - operationPath := "/" - if len(request.Request.URL.Path) == 0 { - request.Request.URL.Path = operationPath - } else { - request.Request.URL.Path = path.Join(request.Request.URL.Path, operationPath) - if request.Request.URL.Path != "/" && operationPath[len(operationPath)-1] == '/' { - request.Request.URL.Path += "/" - } - } - request.Request.Method = "POST" - httpBindingEncoder, err := httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) - if err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - httpBindingEncoder.SetHeader("Content-Type").String("application/x-amz-json-1.0") - httpBindingEncoder.SetHeader("X-Amz-Target").String("DynamoDB_20120810.UpdateKinesisStreamingDestination") - - jsonEncoder := smithyjson.NewEncoder() - if err := awsAwsjson10_serializeOpDocumentUpdateKinesisStreamingDestinationInput(input, jsonEncoder.Value); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request.Request, err = httpBindingEncoder.Encode(request.Request); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - in.Request = request - - return next.HandleSerialize(ctx, in) -} - type awsAwsjson10_serializeOpUpdateTable struct { } @@ -3570,18 +3515,6 @@ func awsAwsjson10_serializeDocumentDeleteRequest(v *types.DeleteRequest, value s return nil } -func awsAwsjson10_serializeDocumentEnableKinesisStreamingConfiguration(v *types.EnableKinesisStreamingConfiguration, value smithyjson.Value) error { - object := value.Object() - defer object.Close() - - if len(v.ApproximateCreationDateTimePrecision) > 0 { - ok := object.Key("ApproximateCreationDateTimePrecision") - ok.String(string(v.ApproximateCreationDateTimePrecision)) - } - - return nil -} - func awsAwsjson10_serializeDocumentExpectedAttributeMap(v map[string]types.ExpectedAttributeValue, value smithyjson.Value) error { object := value.Object() defer object.Close() @@ -4910,18 +4843,6 @@ func awsAwsjson10_serializeDocumentUpdateGlobalSecondaryIndexAction(v *types.Upd return nil } -func awsAwsjson10_serializeDocumentUpdateKinesisStreamingConfiguration(v *types.UpdateKinesisStreamingConfiguration, value smithyjson.Value) error { - object := value.Object() - defer object.Close() - - if len(v.ApproximateCreationDateTimePrecision) > 0 { - ok := object.Key("ApproximateCreationDateTimePrecision") - ok.String(string(v.ApproximateCreationDateTimePrecision)) - } - - return nil -} - func awsAwsjson10_serializeDocumentUpdateReplicationGroupMemberAction(v *types.UpdateReplicationGroupMemberAction, value smithyjson.Value) error { object := value.Object() defer object.Close() @@ -5422,13 +5343,6 @@ func awsAwsjson10_serializeOpDocumentDisableKinesisStreamingDestinationInput(v * object := value.Object() defer object.Close() - if v.EnableKinesisStreamingConfiguration != nil { - ok := object.Key("EnableKinesisStreamingConfiguration") - if err := awsAwsjson10_serializeDocumentEnableKinesisStreamingConfiguration(v.EnableKinesisStreamingConfiguration, ok); err != nil { - return err - } - } - if v.StreamArn != nil { ok := object.Key("StreamArn") ok.String(*v.StreamArn) @@ -5446,13 +5360,6 @@ func awsAwsjson10_serializeOpDocumentEnableKinesisStreamingDestinationInput(v *E object := value.Object() defer object.Close() - if v.EnableKinesisStreamingConfiguration != nil { - ok := object.Key("EnableKinesisStreamingConfiguration") - if err := awsAwsjson10_serializeDocumentEnableKinesisStreamingConfiguration(v.EnableKinesisStreamingConfiguration, ok); err != nil { - return err - } - } - if v.StreamArn != nil { ok := object.Key("StreamArn") ok.String(*v.StreamArn) @@ -6505,30 +6412,6 @@ func awsAwsjson10_serializeOpDocumentUpdateItemInput(v *UpdateItemInput, value s return nil } -func awsAwsjson10_serializeOpDocumentUpdateKinesisStreamingDestinationInput(v *UpdateKinesisStreamingDestinationInput, value smithyjson.Value) error { - object := value.Object() - defer object.Close() - - if v.StreamArn != nil { - ok := object.Key("StreamArn") - ok.String(*v.StreamArn) - } - - if v.TableName != nil { - ok := object.Key("TableName") - ok.String(*v.TableName) - } - - if v.UpdateKinesisStreamingConfiguration != nil { - ok := object.Key("UpdateKinesisStreamingConfiguration") - if err := awsAwsjson10_serializeDocumentUpdateKinesisStreamingConfiguration(v.UpdateKinesisStreamingConfiguration, ok); err != nil { - return err - } - } - - return nil -} - func awsAwsjson10_serializeOpDocumentUpdateTableInput(v *UpdateTableInput, value smithyjson.Value) error { object := value.Object() defer object.Close() diff --git a/service/dynamodb/types/enums.go b/service/dynamodb/types/enums.go index ec617f936bd..a603b3406ef 100644 --- a/service/dynamodb/types/enums.go +++ b/service/dynamodb/types/enums.go @@ -2,25 +2,6 @@ package types -type ApproximateCreationDateTimePrecision string - -// Enum values for ApproximateCreationDateTimePrecision -const ( - ApproximateCreationDateTimePrecisionMillisecond ApproximateCreationDateTimePrecision = "MILLISECOND" - ApproximateCreationDateTimePrecisionMicrosecond ApproximateCreationDateTimePrecision = "MICROSECOND" -) - -// Values returns all known values for ApproximateCreationDateTimePrecision. Note -// that this can be expanded in the future, and so it is only as up to date as the -// client. The ordering of this slice is not guaranteed to be stable across -// updates. -func (ApproximateCreationDateTimePrecision) Values() []ApproximateCreationDateTimePrecision { - return []ApproximateCreationDateTimePrecision{ - "MILLISECOND", - "MICROSECOND", - } -} - type AttributeAction string // Enum values for AttributeAction @@ -284,7 +265,6 @@ const ( DestinationStatusDisabling DestinationStatus = "DISABLING" DestinationStatusDisabled DestinationStatus = "DISABLED" DestinationStatusEnableFailed DestinationStatus = "ENABLE_FAILED" - DestinationStatusUpdating DestinationStatus = "UPDATING" ) // Values returns all known values for DestinationStatus. Note that this can be @@ -297,7 +277,6 @@ func (DestinationStatus) Values() []DestinationStatus { "DISABLING", "DISABLED", "ENABLE_FAILED", - "UPDATING", } } diff --git a/service/dynamodb/types/types.go b/service/dynamodb/types/types.go index ce38bd1f41d..037de7ce4c0 100644 --- a/service/dynamodb/types/types.go +++ b/service/dynamodb/types/types.go @@ -975,16 +975,6 @@ type DeleteRequest struct { noSmithyDocumentSerde } -// Enables setting the configuration for Kinesis Streaming. -type EnableKinesisStreamingConfiguration struct { - - // Toggle for the precision of Kinesis data stream timestamp. The values are - // either MILLISECOND or MICROSECOND . - ApproximateCreationDateTimePrecision ApproximateCreationDateTimePrecision - - noSmithyDocumentSerde -} - // An endpoint information details. type Endpoint struct { @@ -1785,10 +1775,6 @@ type KeySchemaElement struct { // Describes a Kinesis data stream destination. type KinesisDataStreamDestination struct { - // The precision of the Kinesis data stream timestamp. The values are either - // MILLISECOND or MICROSECOND . - ApproximateCreationDateTimePrecision ApproximateCreationDateTimePrecision - // The current status of replication. DestinationStatus DestinationStatus @@ -1900,10 +1886,10 @@ type LocalSecondaryIndexInfo struct { noSmithyDocumentSerde } -// Represents a PartiQL statement that uses parameters. +// Represents a PartiQL statment that uses parameters. type ParameterizedStatement struct { - // A PartiQL statement that uses parameters. + // A PartiQL statment that uses parameters. // // This member is required. Statement *string @@ -3030,15 +3016,6 @@ type UpdateGlobalSecondaryIndexAction struct { noSmithyDocumentSerde } -// Enables updating the configuration for Kinesis Streaming. -type UpdateKinesisStreamingConfiguration struct { - - // Enables updating the precision of Kinesis data stream timestamp. - ApproximateCreationDateTimePrecision ApproximateCreationDateTimePrecision - - noSmithyDocumentSerde -} - // Represents a replica to be modified. type UpdateReplicationGroupMemberAction struct { diff --git a/service/dynamodb/validators.go b/service/dynamodb/validators.go index 4762e130283..1c76f46d976 100644 --- a/service/dynamodb/validators.go +++ b/service/dynamodb/validators.go @@ -850,26 +850,6 @@ func (m *validateOpUpdateItem) HandleInitialize(ctx context.Context, in middlewa return next.HandleInitialize(ctx, in) } -type validateOpUpdateKinesisStreamingDestination struct { -} - -func (*validateOpUpdateKinesisStreamingDestination) ID() string { - return "OperationInputValidation" -} - -func (m *validateOpUpdateKinesisStreamingDestination) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, -) { - input, ok := in.Parameters.(*UpdateKinesisStreamingDestinationInput) - if !ok { - return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) - } - if err := validateOpUpdateKinesisStreamingDestinationInput(input); err != nil { - return out, metadata, err - } - return next.HandleInitialize(ctx, in) -} - type validateOpUpdateTable struct { } @@ -1098,10 +1078,6 @@ func addOpUpdateItemValidationMiddleware(stack *middleware.Stack) error { return stack.Initialize.Add(&validateOpUpdateItem{}, middleware.After) } -func addOpUpdateKinesisStreamingDestinationValidationMiddleware(stack *middleware.Stack) error { - return stack.Initialize.Add(&validateOpUpdateKinesisStreamingDestination{}, middleware.After) -} - func addOpUpdateTableValidationMiddleware(stack *middleware.Stack) error { return stack.Initialize.Add(&validateOpUpdateTable{}, middleware.After) } @@ -3255,24 +3231,6 @@ func validateOpUpdateItemInput(v *UpdateItemInput) error { } } -func validateOpUpdateKinesisStreamingDestinationInput(v *UpdateKinesisStreamingDestinationInput) error { - if v == nil { - return nil - } - invalidParams := smithy.InvalidParamsError{Context: "UpdateKinesisStreamingDestinationInput"} - if v.TableName == nil { - invalidParams.Add(smithy.NewErrParamRequired("TableName")) - } - if v.StreamArn == nil { - invalidParams.Add(smithy.NewErrParamRequired("StreamArn")) - } - if invalidParams.Len() > 0 { - return invalidParams - } else { - return nil - } -} - func validateOpUpdateTableInput(v *UpdateTableInput) error { if v == nil { return nil From 358cd5e6b1752d7dc0de4fdbda1ac5985b20c1bd Mon Sep 17 00:00:00 2001 From: Tianyi Wang Date: Tue, 6 Feb 2024 16:44:44 -0500 Subject: [PATCH 12/20] restore ep context setter format --- .../smithy/aws/go/codegen/LegacyEndpointContextSetter.java | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/LegacyEndpointContextSetter.java b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/LegacyEndpointContextSetter.java index f3c571f7840..93e16975fdf 100644 --- a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/LegacyEndpointContextSetter.java +++ b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/LegacyEndpointContextSetter.java @@ -63,8 +63,7 @@ public void renderPreEndpointResolutionHook(GoSettings settings, GoWriter writer if $T(ctx) { return next.HandleFinalize(ctx, in) } - """, - SdkGoTypes.Aws.Middleware.GetRequiresLegacyEndpoints); + """, SdkGoTypes.Aws.Middleware.GetRequiresLegacyEndpoints); } @Override From 6496537d44d09a5704aeb551773b76b64120caf2 Mon Sep 17 00:00:00 2001 From: Tianyi Wang Date: Thu, 8 Feb 2024 18:32:30 -0500 Subject: [PATCH 13/20] Modify accountid endpoint codegen integration --- aws/accountid_endpoint_mode.go | 18 +++++--- aws/config.go | 3 +- .../aws/go/codegen/AddAwsConfigFields.java | 4 +- .../AccountIDEndpointRouting.java | 17 +++----- .../customization/AwsEndpointBuiltins.java | 43 ++++++++++++++++++- 5 files changed, 62 insertions(+), 23 deletions(-) diff --git a/aws/accountid_endpoint_mode.go b/aws/accountid_endpoint_mode.go index 55419c4cfbc..c9b581b7fb4 100644 --- a/aws/accountid_endpoint_mode.go +++ b/aws/accountid_endpoint_mode.go @@ -1,12 +1,18 @@ package aws -// AccountIDEndpointMode switches on/off the account ID based endpoint routing +// AccountIDEndpointMode controls how a resolved AWS account ID is handled for endpoint routing. type AccountIDEndpointMode string -// enums of valid AccountIDEndpointMode const ( - AccountIDEndpointModeUnset AccountIDEndpointMode = "" - AccountIDEndpointModePreferred AccountIDEndpointMode = "preferred" - AccountIDEndpointModeRequired AccountIDEndpointMode = "required" - AccountIDEndpointModeDisabled AccountIDEndpointMode = "disabled" + // AccountIDEndpointModeUnset indicates the AWS account ID will not be used for endpoint routing + AccountIDEndpointModeUnset AccountIDEndpointMode = "" + + // AccountIDEndpointModePreferred indicates the AWS account ID will be used for endpoint routing if offered + AccountIDEndpointModePreferred = "preferred" + + // AccountIDEndpointModeRequired indicates an error will be returned if the AWS account ID is not resolved from identity + AccountIDEndpointModeRequired = "required" + + // AccountIDEndpointModeDisabled indicates the AWS account ID will be ignored during endpoint routing + AccountIDEndpointModeDisabled = "disabled" ) diff --git a/aws/config.go b/aws/config.go index 49a49f2e57e..16000d79279 100644 --- a/aws/config.go +++ b/aws/config.go @@ -163,8 +163,7 @@ type Config struct { // the shared config profile attribute request_min_compression_size_bytes RequestMinCompressSizeBytes int64 - // AccountIDEndpointMode indicates how aws account ID is applied in endpoint2.0 routing. - // Will be set to preferred by default. Supported modes are: Preferred, Required and Disabled + // Controls how a resolved AWS account ID is handled for endpoint routing. AccountIDEndpointMode AccountIDEndpointMode } diff --git a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/AddAwsConfigFields.java b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/AddAwsConfigFields.java index 07c12397e6c..2ed019beb6d 100644 --- a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/AddAwsConfigFields.java +++ b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/AddAwsConfigFields.java @@ -81,7 +81,7 @@ public class AddAwsConfigFields implements GoIntegration { private static final String REQUEST_MIN_COMPRESSION_SIZE_BYTES = "RequestMinCompressSizeBytes"; - private static final String SDK_AID_ENDPOINT_MODE = "AccountIDEndpointMode"; + private static final String SDK_ACCOUNTID_ENDPOINT_MODE = "AccountIDEndpointMode"; private static final List AWS_CONFIG_FIELDS = ListUtils.of( AwsConfigField.builder() @@ -239,7 +239,7 @@ public class AddAwsConfigFields implements GoIntegration { .generatedOnClient(false) .build(), AwsConfigField.builder() - .name(SDK_AID_ENDPOINT_MODE) + .name(SDK_ACCOUNTID_ENDPOINT_MODE) .type(SdkGoTypes.Aws.AccountIDEndpointMode) .documentation("Indicates how aws account ID is applied in endpoint2.0 routing") .build() diff --git a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/AccountIDEndpointRouting.java b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/AccountIDEndpointRouting.java index 984e35ff6b2..74ad3ac11d6 100644 --- a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/AccountIDEndpointRouting.java +++ b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/AccountIDEndpointRouting.java @@ -32,14 +32,6 @@ public void writeAdditionalFiles( return; } goDelegator.useShapeWriter(settings.getService(model), goTemplate(""" - func accountID(identity $auth:T, mode $accountIDEndpointMode:T) *string { - if ca, ok := identity.(*$credentialsAdapter:T); ok && (mode == $aidModePreferred:T || mode == $aidModeRequired:T) { - return $string:T(ca.Credentials.AccountID) - } - - return nil - } - func checkAccountID(identity $auth:T, mode $accountIDEndpointMode:T) error { switch mode { case $aidModeUnset:T: @@ -49,9 +41,11 @@ func checkAccountID(identity $auth:T, mode $accountIDEndpointMode:T) error { if ca, ok := identity.(*$credentialsAdapter:T); !ok { return $errorf:T("the accountID is configured to be required, but the " + "identity provider could not be converted to a valid credentials adapter " + - "and provide an accountID, should try to configure a valid credentials provider") + "and provide an accountID, should switch to a valid credentials provider " + + "or change to another account id endpoint mode") } else if ca.Credentials.AccountID == "" { - return $errorf:T("the required accountID could not be empty") + return $errorf:T("the required accountID could not be empty, should switch to a valid " + + "credentials provider or change to another account id endpoint mode") } // default check in case invalid mode is configured through request config default: @@ -69,8 +63,7 @@ func checkAccountID(identity $auth:T, mode $accountIDEndpointMode:T) error { "aidModeRequired", SdkGoTypes.Aws.AccountIDEndpointModeRequired, "aidModeUnset", SdkGoTypes.Aws.AccountIDEndpointModeUnset, "aidModeDisabled", SdkGoTypes.Aws.AccountIDEndpointModeDisabled, - "errorf", GoStdlibTypes.Fmt.Errorf, - "string", SdkGoTypes.Aws.String + "errorf", GoStdlibTypes.Fmt.Errorf ) )); } diff --git a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/AwsEndpointBuiltins.java b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/AwsEndpointBuiltins.java index ed4d008f0d9..5d48cb537f9 100644 --- a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/AwsEndpointBuiltins.java +++ b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/AwsEndpointBuiltins.java @@ -1,10 +1,17 @@ package software.amazon.smithy.aws.go.codegen.customization; import software.amazon.smithy.aws.go.codegen.SdkGoTypes; +import software.amazon.smithy.codegen.core.SymbolProvider; +import software.amazon.smithy.go.codegen.GoDelegator; +import software.amazon.smithy.go.codegen.GoSettings; import software.amazon.smithy.go.codegen.GoWriter; +import software.amazon.smithy.go.codegen.SmithyGoTypes; import software.amazon.smithy.go.codegen.integration.GoIntegration; import software.amazon.smithy.go.codegen.integration.RuntimeClientPlugin; +import software.amazon.smithy.model.Model; +import software.amazon.smithy.rulesengine.traits.EndpointRuleSetTrait; import software.amazon.smithy.utils.ListUtils; +import software.amazon.smithy.utils.MapUtils; import java.util.List; @@ -33,7 +40,41 @@ public class AwsEndpointBuiltins implements GoIntegration { private static final GoWriter.Writable BindAwsS3DisableMultiRegionAccessPoints = goTemplate("$T(options.DisableMultiRegionAccessPoints)", SdkGoTypes.Aws.Bool); private static final GoWriter.Writable BindAccountID = - goTemplate("accountID(getIdentity(ctx), options.AccountIDEndpointMode)"); + goTemplate("resolveAccountID(getIdentity(ctx), options.AccountIDEndpointMode)"); + + @Override + public void writeAdditionalFiles( + GoSettings settings, + Model model, + SymbolProvider symbolProvider, + GoDelegator goDelegator + ) { + if (!settings.getService(model).hasTrait(EndpointRuleSetTrait.class)) { + return; + } + goDelegator.useShapeWriter(settings.getService(model), goTemplate(""" + func resolveAccountID(identity $auth:T, mode $accountIDEndpointMode:T) *string { + if mode == $aidModeDisabled:T || mode == $aidModeUnset:T { + return nil + } + + if ca, ok := identity.(*$credentialsAdapter:T); ok && ca.Credentials.AccountID != "" { + return $string:T(ca.Credentials.AccountID) + } + + return nil + } + """, + MapUtils.of( + "auth", SmithyGoTypes.Auth.Identity, + "accountIDEndpointMode", SdkGoTypes.Aws.AccountIDEndpointMode, + "aidModeUnset", SdkGoTypes.Aws.AccountIDEndpointModeUnset, + "aidModeDisabled", SdkGoTypes.Aws.AccountIDEndpointModeDisabled, + "credentialsAdapter", SdkGoTypes.Internal.Auth.Smithy.CredentialsAdapter, + "string", SdkGoTypes.Aws.String + ) + )); + } @Override public List getClientPlugins() { From d7c2b296b7bc26495b566d88f40f6192adbac982 Mon Sep 17 00:00:00 2001 From: Tianyi Wang Date: Sun, 11 Feb 2024 18:24:21 -0500 Subject: [PATCH 14/20] Modify error msg and mode check of aid endpoint mode --- aws/accountid_endpoint_mode.go | 2 +- .../codegen/customization/AccountIDEndpointRouting.java | 8 ++------ .../aws/go/codegen/customization/AwsEndpointBuiltins.java | 2 +- 3 files changed, 4 insertions(+), 8 deletions(-) diff --git a/aws/accountid_endpoint_mode.go b/aws/accountid_endpoint_mode.go index c9b581b7fb4..6504a21864c 100644 --- a/aws/accountid_endpoint_mode.go +++ b/aws/accountid_endpoint_mode.go @@ -7,7 +7,7 @@ const ( // AccountIDEndpointModeUnset indicates the AWS account ID will not be used for endpoint routing AccountIDEndpointModeUnset AccountIDEndpointMode = "" - // AccountIDEndpointModePreferred indicates the AWS account ID will be used for endpoint routing if offered + // AccountIDEndpointModePreferred indicates the AWS account ID will be used for endpoint routing if present AccountIDEndpointModePreferred = "preferred" // AccountIDEndpointModeRequired indicates an error will be returned if the AWS account ID is not resolved from identity diff --git a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/AccountIDEndpointRouting.java b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/AccountIDEndpointRouting.java index 74ad3ac11d6..fd41a29835a 100644 --- a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/AccountIDEndpointRouting.java +++ b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/AccountIDEndpointRouting.java @@ -39,13 +39,9 @@ func checkAccountID(identity $auth:T, mode $accountIDEndpointMode:T) error { case $aidModeDisabled:T: case $aidModeRequired:T: if ca, ok := identity.(*$credentialsAdapter:T); !ok { - return $errorf:T("the accountID is configured to be required, but the " + - "identity provider could not be converted to a valid credentials adapter " + - "and provide an accountID, should switch to a valid credentials provider " + - "or change to another account id endpoint mode") + return $errorf:T("accountID is required but not set") } else if ca.Credentials.AccountID == "" { - return $errorf:T("the required accountID could not be empty, should switch to a valid " + - "credentials provider or change to another account id endpoint mode") + return $errorf:T("accountID is required but not set") } // default check in case invalid mode is configured through request config default: diff --git a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/AwsEndpointBuiltins.java b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/AwsEndpointBuiltins.java index 5d48cb537f9..7d9aea65356 100644 --- a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/AwsEndpointBuiltins.java +++ b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/AwsEndpointBuiltins.java @@ -54,7 +54,7 @@ public void writeAdditionalFiles( } goDelegator.useShapeWriter(settings.getService(model), goTemplate(""" func resolveAccountID(identity $auth:T, mode $accountIDEndpointMode:T) *string { - if mode == $aidModeDisabled:T || mode == $aidModeUnset:T { + if mode == $aidModeDisabled:T { return nil } From fbaccfc17b8228d2ad6a2c311692bd07f5636bb2 Mon Sep 17 00:00:00 2001 From: Tianyi Wang Date: Mon, 12 Feb 2024 18:16:11 -0500 Subject: [PATCH 15/20] regenerate all clients with ep2.0 trait --- ...mithy.go.codegen.integration.GoIntegration | 1 + .../protocoltest/awsrestjson/api_client.go | 1 + internal/protocoltest/awsrestjson/auth.go | 4 +- internal/protocoltest/awsrestjson/options.go | 3 ++ internal/protocoltest/ec2query/api_client.go | 1 + internal/protocoltest/ec2query/auth.go | 4 +- internal/protocoltest/ec2query/options.go | 3 ++ internal/protocoltest/jsonrpc/api_client.go | 1 + internal/protocoltest/jsonrpc/auth.go | 8 +-- internal/protocoltest/jsonrpc/options.go | 3 ++ internal/protocoltest/jsonrpc10/api_client.go | 1 + internal/protocoltest/jsonrpc10/auth.go | 4 +- internal/protocoltest/jsonrpc10/options.go | 3 ++ internal/protocoltest/query/api_client.go | 1 + internal/protocoltest/query/auth.go | 4 +- internal/protocoltest/query/options.go | 3 ++ internal/protocoltest/restxml/api_client.go | 1 + internal/protocoltest/restxml/auth.go | 4 +- internal/protocoltest/restxml/options.go | 3 ++ .../restxmlwithnamespace/api_client.go | 17 ++++--- .../protocoltest/restxmlwithnamespace/auth.go | 4 +- .../restxmlwithnamespace/options.go | 3 ++ service/accessanalyzer/api_client.go | 51 +++++++++++++++---- service/accessanalyzer/auth.go | 8 +-- service/accessanalyzer/endpoints.go | 8 ++- service/accessanalyzer/options.go | 3 ++ service/account/api_client.go | 51 +++++++++++++++---- service/account/auth.go | 8 +-- service/account/endpoints.go | 8 ++- service/account/options.go | 3 ++ service/acm/api_client.go | 51 +++++++++++++++---- service/acm/auth.go | 8 +-- service/acm/endpoints.go | 8 ++- service/acm/options.go | 3 ++ service/acmpca/api_client.go | 51 +++++++++++++++---- service/acmpca/auth.go | 8 +-- service/acmpca/endpoints.go | 8 ++- service/acmpca/options.go | 3 ++ service/alexaforbusiness/api_client.go | 51 +++++++++++++++---- service/alexaforbusiness/auth.go | 8 +-- service/alexaforbusiness/endpoints.go | 8 ++- service/alexaforbusiness/options.go | 3 ++ service/amp/api_client.go | 51 +++++++++++++++---- service/amp/auth.go | 8 +-- service/amp/endpoints.go | 8 ++- service/amp/options.go | 3 ++ service/amplify/api_client.go | 51 +++++++++++++++---- service/amplify/auth.go | 8 +-- service/amplify/endpoints.go | 8 ++- service/amplify/options.go | 3 ++ service/amplifybackend/api_client.go | 51 +++++++++++++++---- service/amplifybackend/auth.go | 8 +-- service/amplifybackend/endpoints.go | 8 ++- service/amplifybackend/options.go | 3 ++ service/amplifyuibuilder/api_client.go | 51 +++++++++++++++---- service/amplifyuibuilder/auth.go | 8 +-- service/amplifyuibuilder/endpoints.go | 8 ++- service/amplifyuibuilder/options.go | 3 ++ service/apigateway/api_client.go | 51 +++++++++++++++---- service/apigateway/auth.go | 8 +-- service/apigateway/endpoints.go | 8 ++- service/apigateway/options.go | 3 ++ service/apigatewaymanagementapi/api_client.go | 51 +++++++++++++++---- service/apigatewaymanagementapi/auth.go | 8 +-- service/apigatewaymanagementapi/endpoints.go | 8 ++- service/apigatewaymanagementapi/options.go | 3 ++ service/apigatewayv2/api_client.go | 51 +++++++++++++++---- service/apigatewayv2/auth.go | 8 +-- service/apigatewayv2/endpoints.go | 8 ++- service/apigatewayv2/options.go | 3 ++ service/appconfig/api_client.go | 51 +++++++++++++++---- service/appconfig/auth.go | 8 +-- service/appconfig/endpoints.go | 8 ++- service/appconfig/options.go | 3 ++ service/appconfigdata/api_client.go | 51 +++++++++++++++---- service/appconfigdata/auth.go | 8 +-- service/appconfigdata/endpoints.go | 8 ++- service/appconfigdata/options.go | 3 ++ service/appfabric/api_client.go | 51 +++++++++++++++---- service/appfabric/auth.go | 8 +-- service/appfabric/endpoints.go | 8 ++- service/appfabric/options.go | 3 ++ service/appflow/api_client.go | 51 +++++++++++++++---- service/appflow/auth.go | 8 +-- service/appflow/endpoints.go | 8 ++- service/appflow/options.go | 3 ++ service/appintegrations/api_client.go | 51 +++++++++++++++---- service/appintegrations/auth.go | 8 +-- service/appintegrations/endpoints.go | 8 ++- service/appintegrations/options.go | 3 ++ service/applicationautoscaling/api_client.go | 51 +++++++++++++++---- service/applicationautoscaling/auth.go | 8 +-- service/applicationautoscaling/endpoints.go | 8 ++- service/applicationautoscaling/options.go | 3 ++ service/applicationcostprofiler/api_client.go | 51 +++++++++++++++---- service/applicationcostprofiler/auth.go | 8 +-- service/applicationcostprofiler/endpoints.go | 8 ++- service/applicationcostprofiler/options.go | 3 ++ .../applicationdiscoveryservice/api_client.go | 51 +++++++++++++++---- service/applicationdiscoveryservice/auth.go | 8 +-- .../applicationdiscoveryservice/endpoints.go | 8 ++- .../applicationdiscoveryservice/options.go | 3 ++ service/applicationinsights/api_client.go | 51 +++++++++++++++---- service/applicationinsights/auth.go | 8 +-- service/applicationinsights/endpoints.go | 8 ++- service/applicationinsights/options.go | 3 ++ service/appmesh/api_client.go | 51 +++++++++++++++---- service/appmesh/auth.go | 8 +-- service/appmesh/endpoints.go | 8 ++- service/appmesh/options.go | 3 ++ service/apprunner/api_client.go | 51 +++++++++++++++---- service/apprunner/auth.go | 8 +-- service/apprunner/endpoints.go | 8 ++- service/apprunner/options.go | 3 ++ service/appstream/api_client.go | 51 +++++++++++++++---- service/appstream/auth.go | 8 +-- service/appstream/endpoints.go | 8 ++- service/appstream/options.go | 3 ++ service/appsync/api_client.go | 51 +++++++++++++++---- service/appsync/auth.go | 8 +-- service/appsync/endpoints.go | 8 ++- service/appsync/options.go | 3 ++ service/arczonalshift/api_client.go | 51 +++++++++++++++---- service/arczonalshift/auth.go | 8 +-- service/arczonalshift/endpoints.go | 8 ++- service/arczonalshift/options.go | 3 ++ service/athena/api_client.go | 51 +++++++++++++++---- service/athena/auth.go | 8 +-- service/athena/endpoints.go | 8 ++- service/athena/options.go | 3 ++ service/auditmanager/api_client.go | 51 +++++++++++++++---- service/auditmanager/auth.go | 8 +-- service/auditmanager/endpoints.go | 8 ++- service/auditmanager/options.go | 3 ++ service/autoscaling/api_client.go | 51 +++++++++++++++---- service/autoscaling/auth.go | 8 +-- service/autoscaling/endpoints.go | 8 ++- service/autoscaling/options.go | 3 ++ service/autoscalingplans/api_client.go | 51 +++++++++++++++---- service/autoscalingplans/auth.go | 8 +-- service/autoscalingplans/endpoints.go | 8 ++- service/autoscalingplans/options.go | 3 ++ service/b2bi/api_client.go | 51 +++++++++++++++---- service/b2bi/auth.go | 8 +-- service/b2bi/endpoints.go | 8 ++- service/b2bi/options.go | 3 ++ service/backup/api_client.go | 51 +++++++++++++++---- service/backup/auth.go | 8 +-- service/backup/endpoints.go | 8 ++- service/backup/options.go | 3 ++ service/backupgateway/api_client.go | 51 +++++++++++++++---- service/backupgateway/auth.go | 8 +-- service/backupgateway/endpoints.go | 8 ++- service/backupgateway/options.go | 3 ++ service/backupstorage/api_client.go | 51 +++++++++++++++---- service/backupstorage/auth.go | 8 +-- service/backupstorage/endpoints.go | 8 ++- service/backupstorage/options.go | 3 ++ service/batch/api_client.go | 51 +++++++++++++++---- service/batch/auth.go | 8 +-- service/batch/endpoints.go | 8 ++- service/batch/options.go | 3 ++ service/bcmdataexports/api_client.go | 51 +++++++++++++++---- service/bcmdataexports/auth.go | 8 +-- service/bcmdataexports/endpoints.go | 8 ++- service/bcmdataexports/options.go | 3 ++ service/bedrock/api_client.go | 51 +++++++++++++++---- service/bedrock/auth.go | 8 +-- service/bedrock/endpoints.go | 8 ++- service/bedrock/options.go | 3 ++ service/bedrockagent/api_client.go | 51 +++++++++++++++---- service/bedrockagent/auth.go | 8 +-- service/bedrockagent/endpoints.go | 8 ++- service/bedrockagent/options.go | 3 ++ service/bedrockagentruntime/api_client.go | 51 +++++++++++++++---- service/bedrockagentruntime/auth.go | 8 +-- service/bedrockagentruntime/endpoints.go | 8 ++- service/bedrockagentruntime/options.go | 3 ++ service/bedrockruntime/api_client.go | 51 +++++++++++++++---- service/bedrockruntime/auth.go | 8 +-- service/bedrockruntime/endpoints.go | 8 ++- service/bedrockruntime/options.go | 3 ++ service/billingconductor/api_client.go | 51 +++++++++++++++---- service/billingconductor/auth.go | 8 +-- service/billingconductor/endpoints.go | 8 ++- service/billingconductor/options.go | 3 ++ service/braket/api_client.go | 51 +++++++++++++++---- service/braket/auth.go | 8 +-- service/braket/endpoints.go | 8 ++- service/braket/options.go | 3 ++ service/budgets/api_client.go | 51 +++++++++++++++---- service/budgets/auth.go | 8 +-- service/budgets/endpoints.go | 8 ++- service/budgets/options.go | 3 ++ service/chime/api_client.go | 51 +++++++++++++++---- service/chime/auth.go | 8 +-- service/chime/endpoints.go | 8 ++- service/chime/options.go | 3 ++ service/chimesdkidentity/api_client.go | 51 +++++++++++++++---- service/chimesdkidentity/auth.go | 8 +-- service/chimesdkidentity/endpoints.go | 8 ++- service/chimesdkidentity/options.go | 3 ++ service/chimesdkmediapipelines/api_client.go | 51 +++++++++++++++---- service/chimesdkmediapipelines/auth.go | 8 +-- service/chimesdkmediapipelines/endpoints.go | 8 ++- service/chimesdkmediapipelines/options.go | 3 ++ service/chimesdkmeetings/api_client.go | 51 +++++++++++++++---- service/chimesdkmeetings/auth.go | 8 +-- service/chimesdkmeetings/endpoints.go | 8 ++- service/chimesdkmeetings/options.go | 3 ++ service/chimesdkmessaging/api_client.go | 51 +++++++++++++++---- service/chimesdkmessaging/auth.go | 8 +-- service/chimesdkmessaging/endpoints.go | 8 ++- service/chimesdkmessaging/options.go | 3 ++ service/chimesdkvoice/api_client.go | 51 +++++++++++++++---- service/chimesdkvoice/auth.go | 8 +-- service/chimesdkvoice/endpoints.go | 8 ++- service/chimesdkvoice/options.go | 3 ++ service/cleanrooms/api_client.go | 51 +++++++++++++++---- service/cleanrooms/auth.go | 8 +-- service/cleanrooms/endpoints.go | 8 ++- service/cleanrooms/options.go | 3 ++ service/cleanroomsml/api_client.go | 51 +++++++++++++++---- service/cleanroomsml/auth.go | 8 +-- service/cleanroomsml/endpoints.go | 8 ++- service/cleanroomsml/options.go | 3 ++ service/cloud9/api_client.go | 51 +++++++++++++++---- service/cloud9/auth.go | 8 +-- service/cloud9/endpoints.go | 8 ++- service/cloud9/options.go | 3 ++ service/cloudcontrol/api_client.go | 51 +++++++++++++++---- service/cloudcontrol/auth.go | 8 +-- service/cloudcontrol/endpoints.go | 8 ++- service/cloudcontrol/options.go | 3 ++ service/clouddirectory/api_client.go | 51 +++++++++++++++---- service/clouddirectory/auth.go | 8 +-- service/clouddirectory/endpoints.go | 8 ++- service/clouddirectory/options.go | 3 ++ service/cloudformation/api_client.go | 51 +++++++++++++++---- service/cloudformation/auth.go | 8 +-- service/cloudformation/endpoints.go | 8 ++- service/cloudformation/options.go | 3 ++ service/cloudfront/api_client.go | 51 +++++++++++++++---- service/cloudfront/auth.go | 8 +-- service/cloudfront/endpoints.go | 8 ++- service/cloudfront/options.go | 3 ++ service/cloudfrontkeyvaluestore/api_client.go | 51 +++++++++++++++---- service/cloudfrontkeyvaluestore/auth.go | 8 +-- service/cloudfrontkeyvaluestore/endpoints.go | 8 ++- service/cloudfrontkeyvaluestore/options.go | 3 ++ service/cloudhsm/api_client.go | 51 +++++++++++++++---- service/cloudhsm/auth.go | 8 +-- service/cloudhsm/endpoints.go | 8 ++- service/cloudhsm/options.go | 3 ++ service/cloudhsmv2/api_client.go | 51 +++++++++++++++---- service/cloudhsmv2/auth.go | 8 +-- service/cloudhsmv2/endpoints.go | 8 ++- service/cloudhsmv2/options.go | 3 ++ service/cloudsearch/api_client.go | 51 +++++++++++++++---- service/cloudsearch/auth.go | 8 +-- service/cloudsearch/endpoints.go | 8 ++- service/cloudsearch/options.go | 3 ++ service/cloudsearchdomain/api_client.go | 51 +++++++++++++++---- service/cloudsearchdomain/auth.go | 8 +-- service/cloudsearchdomain/endpoints.go | 8 ++- service/cloudsearchdomain/options.go | 3 ++ service/cloudtrail/api_client.go | 51 +++++++++++++++---- service/cloudtrail/auth.go | 8 +-- service/cloudtrail/endpoints.go | 8 ++- service/cloudtrail/options.go | 3 ++ service/cloudtraildata/api_client.go | 51 +++++++++++++++---- service/cloudtraildata/auth.go | 8 +-- service/cloudtraildata/endpoints.go | 8 ++- service/cloudtraildata/options.go | 3 ++ service/cloudwatch/api_client.go | 51 +++++++++++++++---- service/cloudwatch/auth.go | 8 +-- service/cloudwatch/endpoints.go | 8 ++- service/cloudwatch/options.go | 3 ++ service/cloudwatchevents/api_client.go | 51 +++++++++++++++---- service/cloudwatchevents/auth.go | 8 +-- service/cloudwatchevents/endpoints.go | 8 ++- service/cloudwatchevents/options.go | 3 ++ service/cloudwatchlogs/api_client.go | 51 +++++++++++++++---- service/cloudwatchlogs/auth.go | 8 +-- service/cloudwatchlogs/endpoints.go | 8 ++- service/cloudwatchlogs/options.go | 3 ++ service/codeartifact/api_client.go | 51 +++++++++++++++---- service/codeartifact/auth.go | 8 +-- service/codeartifact/endpoints.go | 8 ++- service/codeartifact/options.go | 3 ++ service/codebuild/api_client.go | 51 +++++++++++++++---- service/codebuild/auth.go | 8 +-- service/codebuild/endpoints.go | 8 ++- service/codebuild/options.go | 3 ++ service/codecatalyst/api_client.go | 33 ++++++++++++ service/codecatalyst/auth.go | 4 +- service/codecatalyst/endpoints.go | 8 ++- service/codecatalyst/options.go | 3 ++ service/codecommit/api_client.go | 51 +++++++++++++++---- service/codecommit/auth.go | 8 +-- service/codecommit/endpoints.go | 8 ++- service/codecommit/options.go | 3 ++ service/codedeploy/api_client.go | 51 +++++++++++++++---- service/codedeploy/auth.go | 8 +-- service/codedeploy/endpoints.go | 8 ++- service/codedeploy/options.go | 3 ++ service/codeguruprofiler/api_client.go | 51 +++++++++++++++---- service/codeguruprofiler/auth.go | 8 +-- service/codeguruprofiler/endpoints.go | 8 ++- service/codeguruprofiler/options.go | 3 ++ service/codegurureviewer/api_client.go | 51 +++++++++++++++---- service/codegurureviewer/auth.go | 8 +-- service/codegurureviewer/endpoints.go | 8 ++- service/codegurureviewer/options.go | 3 ++ service/codegurusecurity/api_client.go | 51 +++++++++++++++---- service/codegurusecurity/auth.go | 8 +-- service/codegurusecurity/endpoints.go | 8 ++- service/codegurusecurity/options.go | 3 ++ service/codepipeline/api_client.go | 51 +++++++++++++++---- service/codepipeline/auth.go | 8 +-- service/codepipeline/endpoints.go | 8 ++- service/codepipeline/options.go | 3 ++ service/codestar/api_client.go | 51 +++++++++++++++---- service/codestar/auth.go | 8 +-- service/codestar/endpoints.go | 8 ++- service/codestar/options.go | 3 ++ service/codestarconnections/api_client.go | 51 +++++++++++++++---- service/codestarconnections/auth.go | 8 +-- service/codestarconnections/endpoints.go | 8 ++- service/codestarconnections/options.go | 3 ++ service/codestarnotifications/api_client.go | 51 +++++++++++++++---- service/codestarnotifications/auth.go | 8 +-- service/codestarnotifications/endpoints.go | 8 ++- service/codestarnotifications/options.go | 3 ++ service/cognitoidentity/api_client.go | 51 +++++++++++++++---- service/cognitoidentity/auth.go | 8 +-- service/cognitoidentity/endpoints.go | 8 ++- service/cognitoidentity/options.go | 3 ++ service/cognitoidentityprovider/api_client.go | 51 +++++++++++++++---- service/cognitoidentityprovider/auth.go | 8 +-- service/cognitoidentityprovider/endpoints.go | 8 ++- service/cognitoidentityprovider/options.go | 3 ++ service/cognitosync/api_client.go | 51 +++++++++++++++---- service/cognitosync/auth.go | 8 +-- service/cognitosync/endpoints.go | 8 ++- service/cognitosync/options.go | 3 ++ service/comprehend/api_client.go | 51 +++++++++++++++---- service/comprehend/auth.go | 8 +-- service/comprehend/endpoints.go | 8 ++- service/comprehend/options.go | 3 ++ service/comprehendmedical/api_client.go | 51 +++++++++++++++---- service/comprehendmedical/auth.go | 8 +-- service/comprehendmedical/endpoints.go | 8 ++- service/comprehendmedical/options.go | 3 ++ service/computeoptimizer/api_client.go | 51 +++++++++++++++---- service/computeoptimizer/auth.go | 8 +-- service/computeoptimizer/endpoints.go | 8 ++- service/computeoptimizer/options.go | 3 ++ service/configservice/api_client.go | 51 +++++++++++++++---- service/configservice/auth.go | 8 +-- service/configservice/endpoints.go | 8 ++- service/configservice/options.go | 3 ++ service/connect/api_client.go | 51 +++++++++++++++---- service/connect/auth.go | 8 +-- service/connect/endpoints.go | 8 ++- service/connect/options.go | 3 ++ service/connectcampaigns/api_client.go | 51 +++++++++++++++---- service/connectcampaigns/auth.go | 8 +-- service/connectcampaigns/endpoints.go | 8 ++- service/connectcampaigns/options.go | 3 ++ service/connectcases/api_client.go | 51 +++++++++++++++---- service/connectcases/auth.go | 8 +-- service/connectcases/endpoints.go | 8 ++- service/connectcases/options.go | 3 ++ service/connectcontactlens/api_client.go | 51 +++++++++++++++---- service/connectcontactlens/auth.go | 8 +-- service/connectcontactlens/endpoints.go | 8 ++- service/connectcontactlens/options.go | 3 ++ service/connectparticipant/api_client.go | 51 +++++++++++++++---- service/connectparticipant/auth.go | 8 +-- service/connectparticipant/endpoints.go | 8 ++- service/connectparticipant/options.go | 3 ++ service/controltower/api_client.go | 51 +++++++++++++++---- service/controltower/auth.go | 8 +-- service/controltower/endpoints.go | 8 ++- service/controltower/options.go | 3 ++ .../costandusagereportservice/api_client.go | 51 +++++++++++++++---- service/costandusagereportservice/auth.go | 8 +-- .../costandusagereportservice/endpoints.go | 8 ++- service/costandusagereportservice/options.go | 3 ++ service/costexplorer/api_client.go | 51 +++++++++++++++---- service/costexplorer/auth.go | 8 +-- service/costexplorer/endpoints.go | 8 ++- service/costexplorer/options.go | 3 ++ service/costoptimizationhub/api_client.go | 51 +++++++++++++++---- service/costoptimizationhub/auth.go | 8 +-- service/costoptimizationhub/endpoints.go | 8 ++- service/costoptimizationhub/options.go | 3 ++ service/customerprofiles/api_client.go | 51 +++++++++++++++---- service/customerprofiles/auth.go | 8 +-- service/customerprofiles/endpoints.go | 8 ++- service/customerprofiles/options.go | 3 ++ .../databasemigrationservice/api_client.go | 51 +++++++++++++++---- service/databasemigrationservice/auth.go | 8 +-- service/databasemigrationservice/endpoints.go | 8 ++- service/databasemigrationservice/options.go | 3 ++ service/databrew/api_client.go | 51 +++++++++++++++---- service/databrew/auth.go | 8 +-- service/databrew/endpoints.go | 8 ++- service/databrew/options.go | 3 ++ service/dataexchange/api_client.go | 51 +++++++++++++++---- service/dataexchange/auth.go | 8 +-- service/dataexchange/endpoints.go | 8 ++- service/dataexchange/options.go | 3 ++ service/datapipeline/api_client.go | 51 +++++++++++++++---- service/datapipeline/auth.go | 8 +-- service/datapipeline/endpoints.go | 8 ++- service/datapipeline/options.go | 3 ++ service/datasync/api_client.go | 51 +++++++++++++++---- service/datasync/auth.go | 8 +-- service/datasync/endpoints.go | 8 ++- service/datasync/options.go | 3 ++ service/datazone/api_client.go | 51 +++++++++++++++---- service/datazone/auth.go | 8 +-- service/datazone/endpoints.go | 8 ++- service/datazone/options.go | 3 ++ service/dax/api_client.go | 51 +++++++++++++++---- service/dax/auth.go | 8 +-- service/dax/endpoints.go | 8 ++- service/dax/options.go | 3 ++ service/detective/api_client.go | 51 +++++++++++++++---- service/detective/auth.go | 8 +-- service/detective/endpoints.go | 8 ++- service/detective/options.go | 3 ++ service/devicefarm/api_client.go | 51 +++++++++++++++---- service/devicefarm/auth.go | 8 +-- service/devicefarm/endpoints.go | 8 ++- service/devicefarm/options.go | 3 ++ service/devopsguru/api_client.go | 51 +++++++++++++++---- service/devopsguru/auth.go | 8 +-- service/devopsguru/endpoints.go | 8 ++- service/devopsguru/options.go | 3 ++ service/directconnect/api_client.go | 51 +++++++++++++++---- service/directconnect/auth.go | 8 +-- service/directconnect/endpoints.go | 8 ++- service/directconnect/options.go | 3 ++ service/directoryservice/api_client.go | 51 +++++++++++++++---- service/directoryservice/auth.go | 8 +-- service/directoryservice/endpoints.go | 8 ++- service/directoryservice/options.go | 3 ++ service/dlm/api_client.go | 51 +++++++++++++++---- service/dlm/auth.go | 8 +-- service/dlm/endpoints.go | 8 ++- service/dlm/options.go | 3 ++ service/docdb/api_client.go | 51 +++++++++++++++---- service/docdb/auth.go | 8 +-- service/docdb/endpoints.go | 8 ++- service/docdb/options.go | 3 ++ service/docdbelastic/api_client.go | 51 +++++++++++++++---- service/docdbelastic/auth.go | 8 +-- service/docdbelastic/endpoints.go | 8 ++- service/docdbelastic/options.go | 3 ++ service/drs/api_client.go | 51 +++++++++++++++---- service/drs/auth.go | 8 +-- service/drs/endpoints.go | 8 ++- service/drs/options.go | 3 ++ service/dynamodb/api_client.go | 51 +++++++++++++++---- service/dynamodb/auth.go | 8 +-- service/dynamodb/endpoints.go | 8 ++- service/dynamodb/options.go | 3 ++ service/dynamodbstreams/api_client.go | 51 +++++++++++++++---- service/dynamodbstreams/auth.go | 8 +-- service/dynamodbstreams/endpoints.go | 8 ++- service/dynamodbstreams/options.go | 3 ++ service/ebs/api_client.go | 51 +++++++++++++++---- service/ebs/auth.go | 8 +-- service/ebs/endpoints.go | 8 ++- service/ebs/options.go | 3 ++ service/ec2/api_client.go | 51 +++++++++++++++---- service/ec2/auth.go | 8 +-- service/ec2/endpoints.go | 8 ++- service/ec2/options.go | 3 ++ service/ec2instanceconnect/api_client.go | 51 +++++++++++++++---- service/ec2instanceconnect/auth.go | 8 +-- service/ec2instanceconnect/endpoints.go | 8 ++- service/ec2instanceconnect/options.go | 3 ++ service/ecr/api_client.go | 51 +++++++++++++++---- service/ecr/auth.go | 8 +-- service/ecr/endpoints.go | 8 ++- service/ecr/options.go | 3 ++ service/ecrpublic/api_client.go | 51 +++++++++++++++---- service/ecrpublic/auth.go | 8 +-- service/ecrpublic/endpoints.go | 8 ++- service/ecrpublic/options.go | 3 ++ service/ecs/api_client.go | 51 +++++++++++++++---- service/ecs/auth.go | 8 +-- service/ecs/endpoints.go | 8 ++- service/ecs/options.go | 3 ++ service/efs/api_client.go | 51 +++++++++++++++---- service/efs/auth.go | 8 +-- service/efs/endpoints.go | 8 ++- service/efs/options.go | 3 ++ service/eks/api_client.go | 51 +++++++++++++++---- service/eks/auth.go | 8 +-- service/eks/endpoints.go | 8 ++- service/eks/options.go | 3 ++ service/eksauth/api_client.go | 51 +++++++++++++++---- service/eksauth/auth.go | 8 +-- service/eksauth/endpoints.go | 8 ++- service/eksauth/options.go | 3 ++ service/elasticache/api_client.go | 51 +++++++++++++++---- service/elasticache/auth.go | 8 +-- service/elasticache/endpoints.go | 8 ++- service/elasticache/options.go | 3 ++ service/elasticbeanstalk/api_client.go | 51 +++++++++++++++---- service/elasticbeanstalk/auth.go | 8 +-- service/elasticbeanstalk/endpoints.go | 8 ++- service/elasticbeanstalk/options.go | 3 ++ service/elasticinference/api_client.go | 51 +++++++++++++++---- service/elasticinference/auth.go | 8 +-- service/elasticinference/endpoints.go | 8 ++- service/elasticinference/options.go | 3 ++ service/elasticloadbalancing/api_client.go | 51 +++++++++++++++---- service/elasticloadbalancing/auth.go | 8 +-- service/elasticloadbalancing/endpoints.go | 8 ++- service/elasticloadbalancing/options.go | 3 ++ service/elasticloadbalancingv2/api_client.go | 51 +++++++++++++++---- service/elasticloadbalancingv2/auth.go | 8 +-- service/elasticloadbalancingv2/endpoints.go | 8 ++- service/elasticloadbalancingv2/options.go | 3 ++ service/elasticsearchservice/api_client.go | 51 +++++++++++++++---- service/elasticsearchservice/auth.go | 8 +-- service/elasticsearchservice/endpoints.go | 8 ++- service/elasticsearchservice/options.go | 3 ++ service/elastictranscoder/api_client.go | 51 +++++++++++++++---- service/elastictranscoder/auth.go | 8 +-- service/elastictranscoder/endpoints.go | 8 ++- service/elastictranscoder/options.go | 3 ++ service/emr/api_client.go | 51 +++++++++++++++---- service/emr/auth.go | 8 +-- service/emr/endpoints.go | 8 ++- service/emr/options.go | 3 ++ service/emrcontainers/api_client.go | 51 +++++++++++++++---- service/emrcontainers/auth.go | 8 +-- service/emrcontainers/endpoints.go | 8 ++- service/emrcontainers/options.go | 3 ++ service/emrserverless/api_client.go | 51 +++++++++++++++---- service/emrserverless/auth.go | 8 +-- service/emrserverless/endpoints.go | 8 ++- service/emrserverless/options.go | 3 ++ service/entityresolution/api_client.go | 51 +++++++++++++++---- service/entityresolution/auth.go | 8 +-- service/entityresolution/endpoints.go | 8 ++- service/entityresolution/options.go | 3 ++ service/eventbridge/api_client.go | 51 +++++++++++++++---- service/eventbridge/auth.go | 14 ++--- service/eventbridge/endpoints.go | 8 ++- service/eventbridge/options.go | 3 ++ service/evidently/api_client.go | 51 +++++++++++++++---- service/evidently/auth.go | 8 +-- service/evidently/endpoints.go | 8 ++- service/evidently/options.go | 3 ++ service/finspace/api_client.go | 51 +++++++++++++++---- service/finspace/auth.go | 8 +-- service/finspace/endpoints.go | 8 ++- service/finspace/options.go | 3 ++ service/finspacedata/api_client.go | 51 +++++++++++++++---- service/finspacedata/auth.go | 8 +-- service/finspacedata/endpoints.go | 8 ++- service/finspacedata/options.go | 3 ++ service/firehose/api_client.go | 51 +++++++++++++++---- service/firehose/auth.go | 8 +-- service/firehose/endpoints.go | 8 ++- service/firehose/options.go | 3 ++ service/fis/api_client.go | 51 +++++++++++++++---- service/fis/auth.go | 8 +-- service/fis/endpoints.go | 8 ++- service/fis/options.go | 3 ++ service/fms/api_client.go | 51 +++++++++++++++---- service/fms/auth.go | 8 +-- service/fms/endpoints.go | 8 ++- service/fms/options.go | 3 ++ service/forecast/api_client.go | 51 +++++++++++++++---- service/forecast/auth.go | 8 +-- service/forecast/endpoints.go | 8 ++- service/forecast/options.go | 3 ++ service/forecastquery/api_client.go | 51 +++++++++++++++---- service/forecastquery/auth.go | 8 +-- service/forecastquery/endpoints.go | 8 ++- service/forecastquery/options.go | 3 ++ service/frauddetector/api_client.go | 51 +++++++++++++++---- service/frauddetector/auth.go | 8 +-- service/frauddetector/endpoints.go | 8 ++- service/frauddetector/options.go | 3 ++ service/freetier/api_client.go | 51 +++++++++++++++---- service/freetier/auth.go | 8 +-- service/freetier/endpoints.go | 8 ++- service/freetier/options.go | 3 ++ service/fsx/api_client.go | 51 +++++++++++++++---- service/fsx/auth.go | 8 +-- service/fsx/endpoints.go | 8 ++- service/fsx/options.go | 3 ++ service/gamelift/api_client.go | 51 +++++++++++++++---- service/gamelift/auth.go | 8 +-- service/gamelift/endpoints.go | 8 ++- service/gamelift/options.go | 3 ++ service/glacier/api_client.go | 51 +++++++++++++++---- service/glacier/auth.go | 8 +-- service/glacier/endpoints.go | 8 ++- service/glacier/options.go | 3 ++ service/globalaccelerator/api_client.go | 51 +++++++++++++++---- service/globalaccelerator/auth.go | 8 +-- service/globalaccelerator/endpoints.go | 8 ++- service/globalaccelerator/options.go | 3 ++ service/glue/api_client.go | 51 +++++++++++++++---- service/glue/auth.go | 8 +-- service/glue/endpoints.go | 8 ++- service/glue/options.go | 3 ++ service/grafana/api_client.go | 51 +++++++++++++++---- service/grafana/auth.go | 8 +-- service/grafana/endpoints.go | 8 ++- service/grafana/options.go | 3 ++ service/greengrass/api_client.go | 51 +++++++++++++++---- service/greengrass/auth.go | 8 +-- service/greengrass/endpoints.go | 8 ++- service/greengrass/options.go | 3 ++ service/greengrassv2/api_client.go | 51 +++++++++++++++---- service/greengrassv2/auth.go | 8 +-- service/greengrassv2/endpoints.go | 8 ++- service/greengrassv2/options.go | 3 ++ service/groundstation/api_client.go | 51 +++++++++++++++---- service/groundstation/auth.go | 8 +-- service/groundstation/endpoints.go | 8 ++- service/groundstation/options.go | 3 ++ service/guardduty/api_client.go | 51 +++++++++++++++---- service/guardduty/auth.go | 8 +-- service/guardduty/endpoints.go | 8 ++- service/guardduty/options.go | 3 ++ service/health/api_client.go | 51 +++++++++++++++---- service/health/auth.go | 8 +-- service/health/endpoints.go | 8 ++- service/health/options.go | 3 ++ service/healthlake/api_client.go | 51 +++++++++++++++---- service/healthlake/auth.go | 8 +-- service/healthlake/endpoints.go | 8 ++- service/healthlake/options.go | 3 ++ service/honeycode/api_client.go | 51 +++++++++++++++---- service/honeycode/auth.go | 8 +-- service/honeycode/endpoints.go | 8 ++- service/honeycode/options.go | 3 ++ service/iam/api_client.go | 51 +++++++++++++++---- service/iam/auth.go | 8 +-- service/iam/endpoints.go | 8 ++- service/iam/options.go | 3 ++ service/identitystore/api_client.go | 51 +++++++++++++++---- service/identitystore/auth.go | 8 +-- service/identitystore/endpoints.go | 8 ++- service/identitystore/options.go | 3 ++ service/imagebuilder/api_client.go | 51 +++++++++++++++---- service/imagebuilder/auth.go | 8 +-- service/imagebuilder/endpoints.go | 8 ++- service/imagebuilder/options.go | 3 ++ service/inspector/api_client.go | 51 +++++++++++++++---- service/inspector/auth.go | 8 +-- service/inspector/endpoints.go | 8 ++- service/inspector/options.go | 3 ++ service/inspector2/api_client.go | 51 +++++++++++++++---- service/inspector2/auth.go | 8 +-- service/inspector2/endpoints.go | 8 ++- service/inspector2/options.go | 3 ++ service/inspectorscan/api_client.go | 51 +++++++++++++++---- service/inspectorscan/auth.go | 8 +-- service/inspectorscan/endpoints.go | 8 ++- service/inspectorscan/options.go | 3 ++ service/internetmonitor/api_client.go | 51 +++++++++++++++---- service/internetmonitor/auth.go | 8 +-- service/internetmonitor/endpoints.go | 8 ++- service/internetmonitor/options.go | 3 ++ service/iot/api_client.go | 51 +++++++++++++++---- service/iot/auth.go | 8 +-- service/iot/endpoints.go | 8 ++- service/iot/options.go | 3 ++ service/iot1clickdevicesservice/api_client.go | 51 +++++++++++++++---- service/iot1clickdevicesservice/auth.go | 8 +-- service/iot1clickdevicesservice/endpoints.go | 8 ++- service/iot1clickdevicesservice/options.go | 3 ++ service/iot1clickprojects/api_client.go | 51 +++++++++++++++---- service/iot1clickprojects/auth.go | 8 +-- service/iot1clickprojects/endpoints.go | 8 ++- service/iot1clickprojects/options.go | 3 ++ service/iotanalytics/api_client.go | 51 +++++++++++++++---- service/iotanalytics/auth.go | 8 +-- service/iotanalytics/endpoints.go | 8 ++- service/iotanalytics/options.go | 3 ++ service/iotdataplane/api_client.go | 51 +++++++++++++++---- service/iotdataplane/auth.go | 8 +-- service/iotdataplane/endpoints.go | 8 ++- service/iotdataplane/options.go | 3 ++ service/iotdeviceadvisor/api_client.go | 51 +++++++++++++++---- service/iotdeviceadvisor/auth.go | 8 +-- service/iotdeviceadvisor/endpoints.go | 8 ++- service/iotdeviceadvisor/options.go | 3 ++ service/iotevents/api_client.go | 51 +++++++++++++++---- service/iotevents/auth.go | 8 +-- service/iotevents/endpoints.go | 8 ++- service/iotevents/options.go | 3 ++ service/ioteventsdata/api_client.go | 51 +++++++++++++++---- service/ioteventsdata/auth.go | 8 +-- service/ioteventsdata/endpoints.go | 8 ++- service/ioteventsdata/options.go | 3 ++ service/iotfleethub/api_client.go | 51 +++++++++++++++---- service/iotfleethub/auth.go | 8 +-- service/iotfleethub/endpoints.go | 8 ++- service/iotfleethub/options.go | 3 ++ service/iotfleetwise/api_client.go | 51 +++++++++++++++---- service/iotfleetwise/auth.go | 8 +-- service/iotfleetwise/endpoints.go | 8 ++- service/iotfleetwise/options.go | 3 ++ service/iotjobsdataplane/api_client.go | 51 +++++++++++++++---- service/iotjobsdataplane/auth.go | 8 +-- service/iotjobsdataplane/endpoints.go | 8 ++- service/iotjobsdataplane/options.go | 3 ++ service/iotroborunner/api_client.go | 51 +++++++++++++++---- service/iotroborunner/auth.go | 8 +-- service/iotroborunner/endpoints.go | 8 ++- service/iotroborunner/options.go | 3 ++ service/iotsecuretunneling/api_client.go | 51 +++++++++++++++---- service/iotsecuretunneling/auth.go | 8 +-- service/iotsecuretunneling/endpoints.go | 8 ++- service/iotsecuretunneling/options.go | 3 ++ service/iotsitewise/api_client.go | 51 +++++++++++++++---- service/iotsitewise/auth.go | 8 +-- service/iotsitewise/endpoints.go | 8 ++- service/iotsitewise/options.go | 3 ++ service/iotthingsgraph/api_client.go | 51 +++++++++++++++---- service/iotthingsgraph/auth.go | 8 +-- service/iotthingsgraph/endpoints.go | 8 ++- service/iotthingsgraph/options.go | 3 ++ service/iottwinmaker/api_client.go | 51 +++++++++++++++---- service/iottwinmaker/auth.go | 8 +-- service/iottwinmaker/endpoints.go | 8 ++- service/iottwinmaker/options.go | 3 ++ service/iotwireless/api_client.go | 51 +++++++++++++++---- service/iotwireless/auth.go | 8 +-- service/iotwireless/endpoints.go | 8 ++- service/iotwireless/options.go | 3 ++ service/ivs/api_client.go | 51 +++++++++++++++---- service/ivs/auth.go | 8 +-- service/ivs/endpoints.go | 8 ++- service/ivs/options.go | 3 ++ service/ivschat/api_client.go | 51 +++++++++++++++---- service/ivschat/auth.go | 8 +-- service/ivschat/endpoints.go | 8 ++- service/ivschat/options.go | 3 ++ service/ivsrealtime/api_client.go | 51 +++++++++++++++---- service/ivsrealtime/auth.go | 8 +-- service/ivsrealtime/endpoints.go | 8 ++- service/ivsrealtime/options.go | 3 ++ service/kafka/api_client.go | 51 +++++++++++++++---- service/kafka/auth.go | 8 +-- service/kafka/endpoints.go | 8 ++- service/kafka/options.go | 3 ++ service/kafkaconnect/api_client.go | 51 +++++++++++++++---- service/kafkaconnect/auth.go | 8 +-- service/kafkaconnect/endpoints.go | 8 ++- service/kafkaconnect/options.go | 3 ++ service/kendra/api_client.go | 51 +++++++++++++++---- service/kendra/auth.go | 8 +-- service/kendra/endpoints.go | 8 ++- service/kendra/options.go | 3 ++ service/kendraranking/api_client.go | 51 +++++++++++++++---- service/kendraranking/auth.go | 8 +-- service/kendraranking/endpoints.go | 8 ++- service/kendraranking/options.go | 3 ++ service/keyspaces/api_client.go | 51 +++++++++++++++---- service/keyspaces/auth.go | 8 +-- service/keyspaces/endpoints.go | 8 ++- service/keyspaces/options.go | 3 ++ service/kinesis/api_client.go | 51 +++++++++++++++---- service/kinesis/auth.go | 8 +-- service/kinesis/endpoints.go | 8 ++- service/kinesis/options.go | 3 ++ service/kinesisanalytics/api_client.go | 51 +++++++++++++++---- service/kinesisanalytics/auth.go | 8 +-- service/kinesisanalytics/endpoints.go | 8 ++- service/kinesisanalytics/options.go | 3 ++ service/kinesisanalyticsv2/api_client.go | 51 +++++++++++++++---- service/kinesisanalyticsv2/auth.go | 8 +-- service/kinesisanalyticsv2/endpoints.go | 8 ++- service/kinesisanalyticsv2/options.go | 3 ++ service/kinesisvideo/api_client.go | 51 +++++++++++++++---- service/kinesisvideo/auth.go | 8 +-- service/kinesisvideo/endpoints.go | 8 ++- service/kinesisvideo/options.go | 3 ++ .../kinesisvideoarchivedmedia/api_client.go | 51 +++++++++++++++---- service/kinesisvideoarchivedmedia/auth.go | 8 +-- .../kinesisvideoarchivedmedia/endpoints.go | 8 ++- service/kinesisvideoarchivedmedia/options.go | 3 ++ service/kinesisvideomedia/api_client.go | 51 +++++++++++++++---- service/kinesisvideomedia/auth.go | 8 +-- service/kinesisvideomedia/endpoints.go | 8 ++- service/kinesisvideomedia/options.go | 3 ++ service/kinesisvideosignaling/api_client.go | 51 +++++++++++++++---- service/kinesisvideosignaling/auth.go | 8 +-- service/kinesisvideosignaling/endpoints.go | 8 ++- service/kinesisvideosignaling/options.go | 3 ++ .../kinesisvideowebrtcstorage/api_client.go | 51 +++++++++++++++---- service/kinesisvideowebrtcstorage/auth.go | 8 +-- .../kinesisvideowebrtcstorage/endpoints.go | 8 ++- service/kinesisvideowebrtcstorage/options.go | 3 ++ service/kms/api_client.go | 51 +++++++++++++++---- service/kms/auth.go | 8 +-- service/kms/endpoints.go | 8 ++- service/kms/options.go | 3 ++ service/lakeformation/api_client.go | 51 +++++++++++++++---- service/lakeformation/auth.go | 8 +-- service/lakeformation/endpoints.go | 8 ++- service/lakeformation/options.go | 3 ++ service/lambda/api_client.go | 51 +++++++++++++++---- service/lambda/auth.go | 8 +-- service/lambda/endpoints.go | 8 ++- service/lambda/options.go | 3 ++ service/launchwizard/api_client.go | 51 +++++++++++++++---- service/launchwizard/auth.go | 8 +-- service/launchwizard/endpoints.go | 8 ++- service/launchwizard/options.go | 3 ++ service/lexmodelbuildingservice/api_client.go | 51 +++++++++++++++---- service/lexmodelbuildingservice/auth.go | 8 +-- service/lexmodelbuildingservice/endpoints.go | 8 ++- service/lexmodelbuildingservice/options.go | 3 ++ service/lexmodelsv2/api_client.go | 51 +++++++++++++++---- service/lexmodelsv2/auth.go | 8 +-- service/lexmodelsv2/endpoints.go | 8 ++- service/lexmodelsv2/options.go | 3 ++ service/lexruntimeservice/api_client.go | 51 +++++++++++++++---- service/lexruntimeservice/auth.go | 8 +-- service/lexruntimeservice/endpoints.go | 8 ++- service/lexruntimeservice/options.go | 3 ++ service/lexruntimev2/api_client.go | 51 +++++++++++++++---- service/lexruntimev2/auth.go | 8 +-- service/lexruntimev2/endpoints.go | 8 ++- service/lexruntimev2/options.go | 3 ++ service/licensemanager/api_client.go | 51 +++++++++++++++---- service/licensemanager/auth.go | 8 +-- service/licensemanager/endpoints.go | 8 ++- service/licensemanager/options.go | 3 ++ .../api_client.go | 51 +++++++++++++++---- .../licensemanagerlinuxsubscriptions/auth.go | 8 +-- .../endpoints.go | 8 ++- .../options.go | 3 ++ .../api_client.go | 51 +++++++++++++++---- .../licensemanagerusersubscriptions/auth.go | 8 +-- .../endpoints.go | 8 ++- .../options.go | 3 ++ service/lightsail/api_client.go | 51 +++++++++++++++---- service/lightsail/auth.go | 8 +-- service/lightsail/endpoints.go | 8 ++- service/lightsail/options.go | 3 ++ service/location/api_client.go | 51 +++++++++++++++---- service/location/auth.go | 8 +-- service/location/endpoints.go | 8 ++- service/location/options.go | 3 ++ service/lookoutequipment/api_client.go | 51 +++++++++++++++---- service/lookoutequipment/auth.go | 8 +-- service/lookoutequipment/endpoints.go | 8 ++- service/lookoutequipment/options.go | 3 ++ service/lookoutmetrics/api_client.go | 51 +++++++++++++++---- service/lookoutmetrics/auth.go | 8 +-- service/lookoutmetrics/endpoints.go | 8 ++- service/lookoutmetrics/options.go | 3 ++ service/lookoutvision/api_client.go | 51 +++++++++++++++---- service/lookoutvision/auth.go | 8 +-- service/lookoutvision/endpoints.go | 8 ++- service/lookoutvision/options.go | 3 ++ service/m2/api_client.go | 51 +++++++++++++++---- service/m2/auth.go | 8 +-- service/m2/endpoints.go | 8 ++- service/m2/options.go | 3 ++ service/machinelearning/api_client.go | 51 +++++++++++++++---- service/machinelearning/auth.go | 8 +-- service/machinelearning/endpoints.go | 8 ++- service/machinelearning/options.go | 3 ++ service/macie2/api_client.go | 51 +++++++++++++++---- service/macie2/auth.go | 8 +-- service/macie2/endpoints.go | 8 ++- service/macie2/options.go | 3 ++ service/managedblockchain/api_client.go | 51 +++++++++++++++---- service/managedblockchain/auth.go | 8 +-- service/managedblockchain/endpoints.go | 8 ++- service/managedblockchain/options.go | 3 ++ service/managedblockchainquery/api_client.go | 51 +++++++++++++++---- service/managedblockchainquery/auth.go | 8 +-- service/managedblockchainquery/endpoints.go | 8 ++- service/managedblockchainquery/options.go | 3 ++ service/marketplaceagreement/api_client.go | 51 +++++++++++++++---- service/marketplaceagreement/auth.go | 8 +-- service/marketplaceagreement/endpoints.go | 8 ++- service/marketplaceagreement/options.go | 3 ++ service/marketplacecatalog/api_client.go | 51 +++++++++++++++---- service/marketplacecatalog/auth.go | 8 +-- service/marketplacecatalog/endpoints.go | 8 ++- service/marketplacecatalog/options.go | 3 ++ .../api_client.go | 51 +++++++++++++++---- service/marketplacecommerceanalytics/auth.go | 8 +-- .../marketplacecommerceanalytics/endpoints.go | 8 ++- .../marketplacecommerceanalytics/options.go | 3 ++ service/marketplacedeployment/api_client.go | 51 +++++++++++++++---- service/marketplacedeployment/auth.go | 8 +-- service/marketplacedeployment/endpoints.go | 8 ++- service/marketplacedeployment/options.go | 3 ++ .../api_client.go | 51 +++++++++++++++---- service/marketplaceentitlementservice/auth.go | 8 +-- .../endpoints.go | 8 ++- .../marketplaceentitlementservice/options.go | 3 ++ service/marketplacemetering/api_client.go | 51 +++++++++++++++---- service/marketplacemetering/auth.go | 8 +-- service/marketplacemetering/endpoints.go | 8 ++- service/marketplacemetering/options.go | 3 ++ service/mediaconnect/api_client.go | 51 +++++++++++++++---- service/mediaconnect/auth.go | 8 +-- service/mediaconnect/endpoints.go | 8 ++- service/mediaconnect/options.go | 3 ++ service/mediaconvert/api_client.go | 51 +++++++++++++++---- service/mediaconvert/auth.go | 8 +-- service/mediaconvert/endpoints.go | 8 ++- service/mediaconvert/options.go | 3 ++ service/medialive/api_client.go | 51 +++++++++++++++---- service/medialive/auth.go | 8 +-- service/medialive/endpoints.go | 8 ++- service/medialive/options.go | 3 ++ service/mediapackage/api_client.go | 51 +++++++++++++++---- service/mediapackage/auth.go | 8 +-- service/mediapackage/endpoints.go | 8 ++- service/mediapackage/options.go | 3 ++ service/mediapackagev2/api_client.go | 51 +++++++++++++++---- service/mediapackagev2/auth.go | 8 +-- service/mediapackagev2/endpoints.go | 8 ++- service/mediapackagev2/options.go | 3 ++ service/mediapackagevod/api_client.go | 51 +++++++++++++++---- service/mediapackagevod/auth.go | 8 +-- service/mediapackagevod/endpoints.go | 8 ++- service/mediapackagevod/options.go | 3 ++ service/mediastore/api_client.go | 51 +++++++++++++++---- service/mediastore/auth.go | 8 +-- service/mediastore/endpoints.go | 8 ++- service/mediastore/options.go | 3 ++ service/mediastoredata/api_client.go | 51 +++++++++++++++---- service/mediastoredata/auth.go | 8 +-- service/mediastoredata/endpoints.go | 8 ++- service/mediastoredata/options.go | 3 ++ service/mediatailor/api_client.go | 51 +++++++++++++++---- service/mediatailor/auth.go | 8 +-- service/mediatailor/endpoints.go | 8 ++- service/mediatailor/options.go | 3 ++ service/medicalimaging/api_client.go | 51 +++++++++++++++---- service/medicalimaging/auth.go | 8 +-- service/medicalimaging/endpoints.go | 8 ++- service/medicalimaging/options.go | 3 ++ service/memorydb/api_client.go | 51 +++++++++++++++---- service/memorydb/auth.go | 8 +-- service/memorydb/endpoints.go | 8 ++- service/memorydb/options.go | 3 ++ service/mgn/api_client.go | 51 +++++++++++++++---- service/mgn/auth.go | 8 +-- service/mgn/endpoints.go | 8 ++- service/mgn/options.go | 3 ++ service/migrationhub/api_client.go | 51 +++++++++++++++---- service/migrationhub/auth.go | 8 +-- service/migrationhub/endpoints.go | 8 ++- service/migrationhub/options.go | 3 ++ service/migrationhubconfig/api_client.go | 51 +++++++++++++++---- service/migrationhubconfig/auth.go | 8 +-- service/migrationhubconfig/endpoints.go | 8 ++- service/migrationhubconfig/options.go | 3 ++ .../migrationhuborchestrator/api_client.go | 51 +++++++++++++++---- service/migrationhuborchestrator/auth.go | 8 +-- service/migrationhuborchestrator/endpoints.go | 8 ++- service/migrationhuborchestrator/options.go | 3 ++ .../migrationhubrefactorspaces/api_client.go | 51 +++++++++++++++---- service/migrationhubrefactorspaces/auth.go | 8 +-- .../migrationhubrefactorspaces/endpoints.go | 8 ++- service/migrationhubrefactorspaces/options.go | 3 ++ service/migrationhubstrategy/api_client.go | 51 +++++++++++++++---- service/migrationhubstrategy/auth.go | 8 +-- service/migrationhubstrategy/endpoints.go | 8 ++- service/migrationhubstrategy/options.go | 3 ++ service/mobile/api_client.go | 51 +++++++++++++++---- service/mobile/auth.go | 8 +-- service/mobile/endpoints.go | 8 ++- service/mobile/options.go | 3 ++ service/mq/api_client.go | 51 +++++++++++++++---- service/mq/auth.go | 8 +-- service/mq/endpoints.go | 8 ++- service/mq/options.go | 3 ++ service/mturk/api_client.go | 51 +++++++++++++++---- service/mturk/auth.go | 8 +-- service/mturk/endpoints.go | 8 ++- service/mturk/options.go | 3 ++ service/mwaa/api_client.go | 51 +++++++++++++++---- service/mwaa/auth.go | 8 +-- service/mwaa/endpoints.go | 8 ++- service/mwaa/options.go | 3 ++ service/neptune/api_client.go | 51 +++++++++++++++---- service/neptune/auth.go | 8 +-- service/neptune/endpoints.go | 8 ++- service/neptune/options.go | 3 ++ service/neptunedata/api_client.go | 51 +++++++++++++++---- service/neptunedata/auth.go | 8 +-- service/neptunedata/endpoints.go | 8 ++- service/neptunedata/options.go | 3 ++ service/neptunegraph/api_client.go | 51 +++++++++++++++---- service/neptunegraph/auth.go | 8 +-- service/neptunegraph/endpoints.go | 8 ++- service/neptunegraph/options.go | 3 ++ service/networkfirewall/api_client.go | 51 +++++++++++++++---- service/networkfirewall/auth.go | 8 +-- service/networkfirewall/endpoints.go | 8 ++- service/networkfirewall/options.go | 3 ++ service/networkmanager/api_client.go | 51 +++++++++++++++---- service/networkmanager/auth.go | 8 +-- service/networkmanager/endpoints.go | 8 ++- service/networkmanager/options.go | 3 ++ service/networkmonitor/api_client.go | 51 +++++++++++++++---- service/networkmonitor/auth.go | 8 +-- service/networkmonitor/endpoints.go | 8 ++- service/networkmonitor/options.go | 3 ++ service/nimble/api_client.go | 51 +++++++++++++++---- service/nimble/auth.go | 8 +-- service/nimble/endpoints.go | 8 ++- service/nimble/options.go | 3 ++ service/oam/api_client.go | 51 +++++++++++++++---- service/oam/auth.go | 8 +-- service/oam/endpoints.go | 8 ++- service/oam/options.go | 3 ++ service/omics/api_client.go | 51 +++++++++++++++---- service/omics/auth.go | 8 +-- service/omics/endpoints.go | 8 ++- service/omics/options.go | 3 ++ service/opensearch/api_client.go | 51 +++++++++++++++---- service/opensearch/auth.go | 8 +-- service/opensearch/endpoints.go | 8 ++- service/opensearch/options.go | 3 ++ service/opensearchserverless/api_client.go | 51 +++++++++++++++---- service/opensearchserverless/auth.go | 8 +-- service/opensearchserverless/endpoints.go | 8 ++- service/opensearchserverless/options.go | 3 ++ service/opsworks/api_client.go | 51 +++++++++++++++---- service/opsworks/auth.go | 8 +-- service/opsworks/endpoints.go | 8 ++- service/opsworks/options.go | 3 ++ service/opsworkscm/api_client.go | 51 +++++++++++++++---- service/opsworkscm/auth.go | 8 +-- service/opsworkscm/endpoints.go | 8 ++- service/opsworkscm/options.go | 3 ++ service/organizations/api_client.go | 51 +++++++++++++++---- service/organizations/auth.go | 8 +-- service/organizations/endpoints.go | 8 ++- service/organizations/options.go | 3 ++ service/osis/api_client.go | 51 +++++++++++++++---- service/osis/auth.go | 8 +-- service/osis/endpoints.go | 8 ++- service/osis/options.go | 3 ++ service/outposts/api_client.go | 51 +++++++++++++++---- service/outposts/auth.go | 8 +-- service/outposts/endpoints.go | 8 ++- service/outposts/options.go | 3 ++ service/panorama/api_client.go | 51 +++++++++++++++---- service/panorama/auth.go | 8 +-- service/panorama/endpoints.go | 8 ++- service/panorama/options.go | 3 ++ service/paymentcryptography/api_client.go | 51 +++++++++++++++---- service/paymentcryptography/auth.go | 8 +-- service/paymentcryptography/endpoints.go | 8 ++- service/paymentcryptography/options.go | 3 ++ service/paymentcryptographydata/api_client.go | 51 +++++++++++++++---- service/paymentcryptographydata/auth.go | 8 +-- service/paymentcryptographydata/endpoints.go | 8 ++- service/paymentcryptographydata/options.go | 3 ++ service/pcaconnectorad/api_client.go | 51 +++++++++++++++---- service/pcaconnectorad/auth.go | 8 +-- service/pcaconnectorad/endpoints.go | 8 ++- service/pcaconnectorad/options.go | 3 ++ service/personalize/api_client.go | 51 +++++++++++++++---- service/personalize/auth.go | 8 +-- service/personalize/endpoints.go | 8 ++- service/personalize/options.go | 3 ++ service/personalizeevents/api_client.go | 51 +++++++++++++++---- service/personalizeevents/auth.go | 8 +-- service/personalizeevents/endpoints.go | 8 ++- service/personalizeevents/options.go | 3 ++ service/personalizeruntime/api_client.go | 51 +++++++++++++++---- service/personalizeruntime/auth.go | 8 +-- service/personalizeruntime/endpoints.go | 8 ++- service/personalizeruntime/options.go | 3 ++ service/pi/api_client.go | 51 +++++++++++++++---- service/pi/auth.go | 8 +-- service/pi/endpoints.go | 8 ++- service/pi/options.go | 3 ++ service/pinpoint/api_client.go | 51 +++++++++++++++---- service/pinpoint/auth.go | 8 +-- service/pinpoint/endpoints.go | 8 ++- service/pinpoint/options.go | 3 ++ service/pinpointemail/api_client.go | 51 +++++++++++++++---- service/pinpointemail/auth.go | 8 +-- service/pinpointemail/endpoints.go | 8 ++- service/pinpointemail/options.go | 3 ++ service/pinpointsmsvoice/api_client.go | 51 +++++++++++++++---- service/pinpointsmsvoice/auth.go | 8 +-- service/pinpointsmsvoice/endpoints.go | 8 ++- service/pinpointsmsvoice/options.go | 3 ++ service/pinpointsmsvoicev2/api_client.go | 51 +++++++++++++++---- service/pinpointsmsvoicev2/auth.go | 8 +-- service/pinpointsmsvoicev2/endpoints.go | 8 ++- service/pinpointsmsvoicev2/options.go | 3 ++ service/pipes/api_client.go | 51 +++++++++++++++---- service/pipes/auth.go | 8 +-- service/pipes/endpoints.go | 8 ++- service/pipes/options.go | 3 ++ service/polly/api_client.go | 51 +++++++++++++++---- service/polly/auth.go | 8 +-- service/polly/endpoints.go | 8 ++- service/polly/options.go | 3 ++ service/pricing/api_client.go | 51 +++++++++++++++---- service/pricing/auth.go | 8 +-- service/pricing/endpoints.go | 8 ++- service/pricing/options.go | 3 ++ service/privatenetworks/api_client.go | 51 +++++++++++++++---- service/privatenetworks/auth.go | 8 +-- service/privatenetworks/endpoints.go | 8 ++- service/privatenetworks/options.go | 3 ++ service/proton/api_client.go | 51 +++++++++++++++---- service/proton/auth.go | 8 +-- service/proton/endpoints.go | 8 ++- service/proton/options.go | 3 ++ service/qbusiness/api_client.go | 51 +++++++++++++++---- service/qbusiness/auth.go | 8 +-- service/qbusiness/endpoints.go | 8 ++- service/qbusiness/options.go | 3 ++ service/qconnect/api_client.go | 51 +++++++++++++++---- service/qconnect/auth.go | 8 +-- service/qconnect/endpoints.go | 8 ++- service/qconnect/options.go | 3 ++ service/qldb/api_client.go | 51 +++++++++++++++---- service/qldb/auth.go | 8 +-- service/qldb/endpoints.go | 8 ++- service/qldb/options.go | 3 ++ service/qldbsession/api_client.go | 51 +++++++++++++++---- service/qldbsession/auth.go | 8 +-- service/qldbsession/endpoints.go | 8 ++- service/qldbsession/options.go | 3 ++ service/quicksight/api_client.go | 51 +++++++++++++++---- service/quicksight/auth.go | 8 +-- service/quicksight/endpoints.go | 8 ++- service/quicksight/options.go | 3 ++ service/ram/api_client.go | 51 +++++++++++++++---- service/ram/auth.go | 8 +-- service/ram/endpoints.go | 8 ++- service/ram/options.go | 3 ++ service/rbin/api_client.go | 51 +++++++++++++++---- service/rbin/auth.go | 8 +-- service/rbin/endpoints.go | 8 ++- service/rbin/options.go | 3 ++ service/rds/api_client.go | 51 +++++++++++++++---- service/rds/auth.go | 8 +-- service/rds/endpoints.go | 8 ++- service/rds/options.go | 3 ++ service/rdsdata/api_client.go | 51 +++++++++++++++---- service/rdsdata/auth.go | 8 +-- service/rdsdata/endpoints.go | 8 ++- service/rdsdata/options.go | 3 ++ service/redshift/api_client.go | 51 +++++++++++++++---- service/redshift/auth.go | 8 +-- service/redshift/endpoints.go | 8 ++- service/redshift/options.go | 3 ++ service/redshiftdata/api_client.go | 51 +++++++++++++++---- service/redshiftdata/auth.go | 8 +-- service/redshiftdata/endpoints.go | 8 ++- service/redshiftdata/options.go | 3 ++ service/redshiftserverless/api_client.go | 51 +++++++++++++++---- service/redshiftserverless/auth.go | 8 +-- service/redshiftserverless/endpoints.go | 8 ++- service/redshiftserverless/options.go | 3 ++ service/rekognition/api_client.go | 51 +++++++++++++++---- service/rekognition/auth.go | 8 +-- service/rekognition/endpoints.go | 8 ++- service/rekognition/options.go | 3 ++ service/repostspace/api_client.go | 51 +++++++++++++++---- service/repostspace/auth.go | 8 +-- service/repostspace/endpoints.go | 8 ++- service/repostspace/options.go | 3 ++ service/resiliencehub/api_client.go | 51 +++++++++++++++---- service/resiliencehub/auth.go | 8 +-- service/resiliencehub/endpoints.go | 8 ++- service/resiliencehub/options.go | 3 ++ service/resourceexplorer2/api_client.go | 51 +++++++++++++++---- service/resourceexplorer2/auth.go | 8 +-- service/resourceexplorer2/endpoints.go | 8 ++- service/resourceexplorer2/options.go | 3 ++ service/resourcegroups/api_client.go | 51 +++++++++++++++---- service/resourcegroups/auth.go | 8 +-- service/resourcegroups/endpoints.go | 8 ++- service/resourcegroups/options.go | 3 ++ .../resourcegroupstaggingapi/api_client.go | 51 +++++++++++++++---- service/resourcegroupstaggingapi/auth.go | 8 +-- service/resourcegroupstaggingapi/endpoints.go | 8 ++- service/resourcegroupstaggingapi/options.go | 3 ++ service/robomaker/api_client.go | 51 +++++++++++++++---- service/robomaker/auth.go | 8 +-- service/robomaker/endpoints.go | 8 ++- service/robomaker/options.go | 3 ++ service/rolesanywhere/api_client.go | 51 +++++++++++++++---- service/rolesanywhere/auth.go | 8 +-- service/rolesanywhere/endpoints.go | 8 ++- service/rolesanywhere/options.go | 3 ++ service/route53/api_client.go | 51 +++++++++++++++---- service/route53/auth.go | 8 +-- service/route53/endpoints.go | 8 ++- service/route53/options.go | 3 ++ service/route53domains/api_client.go | 51 +++++++++++++++---- service/route53domains/auth.go | 8 +-- service/route53domains/endpoints.go | 8 ++- service/route53domains/options.go | 3 ++ service/route53recoverycluster/api_client.go | 51 +++++++++++++++---- service/route53recoverycluster/auth.go | 8 +-- service/route53recoverycluster/endpoints.go | 8 ++- service/route53recoverycluster/options.go | 3 ++ .../api_client.go | 51 +++++++++++++++---- service/route53recoverycontrolconfig/auth.go | 8 +-- .../route53recoverycontrolconfig/endpoints.go | 8 ++- .../route53recoverycontrolconfig/options.go | 3 ++ .../route53recoveryreadiness/api_client.go | 51 +++++++++++++++---- service/route53recoveryreadiness/auth.go | 8 +-- service/route53recoveryreadiness/endpoints.go | 8 ++- service/route53recoveryreadiness/options.go | 3 ++ service/route53resolver/api_client.go | 51 +++++++++++++++---- service/route53resolver/auth.go | 8 +-- service/route53resolver/endpoints.go | 8 ++- service/route53resolver/options.go | 3 ++ service/rum/api_client.go | 51 +++++++++++++++---- service/rum/auth.go | 8 +-- service/rum/endpoints.go | 8 ++- service/rum/options.go | 3 ++ service/s3/api_client.go | 51 +++++++++++++++---- service/s3/auth.go | 14 ++--- service/s3/endpoints.go | 8 ++- service/s3/options.go | 3 ++ service/s3control/api_client.go | 51 +++++++++++++++---- service/s3control/auth.go | 8 +-- service/s3control/endpoints.go | 8 ++- service/s3control/options.go | 3 ++ service/s3outposts/api_client.go | 51 +++++++++++++++---- service/s3outposts/auth.go | 8 +-- service/s3outposts/endpoints.go | 8 ++- service/s3outposts/options.go | 3 ++ service/sagemaker/api_client.go | 51 +++++++++++++++---- service/sagemaker/auth.go | 8 +-- service/sagemaker/endpoints.go | 8 ++- service/sagemaker/options.go | 3 ++ service/sagemakera2iruntime/api_client.go | 51 +++++++++++++++---- service/sagemakera2iruntime/auth.go | 8 +-- service/sagemakera2iruntime/endpoints.go | 8 ++- service/sagemakera2iruntime/options.go | 3 ++ service/sagemakeredge/api_client.go | 51 +++++++++++++++---- service/sagemakeredge/auth.go | 8 +-- service/sagemakeredge/endpoints.go | 8 ++- service/sagemakeredge/options.go | 3 ++ .../api_client.go | 51 +++++++++++++++---- service/sagemakerfeaturestoreruntime/auth.go | 8 +-- .../sagemakerfeaturestoreruntime/endpoints.go | 8 ++- .../sagemakerfeaturestoreruntime/options.go | 3 ++ service/sagemakergeospatial/api_client.go | 51 +++++++++++++++---- service/sagemakergeospatial/auth.go | 8 +-- service/sagemakergeospatial/endpoints.go | 8 ++- service/sagemakergeospatial/options.go | 3 ++ service/sagemakermetrics/api_client.go | 51 +++++++++++++++---- service/sagemakermetrics/auth.go | 8 +-- service/sagemakermetrics/endpoints.go | 8 ++- service/sagemakermetrics/options.go | 3 ++ service/sagemakerruntime/api_client.go | 51 +++++++++++++++---- service/sagemakerruntime/auth.go | 8 +-- service/sagemakerruntime/endpoints.go | 8 ++- service/sagemakerruntime/options.go | 3 ++ service/savingsplans/api_client.go | 51 +++++++++++++++---- service/savingsplans/auth.go | 8 +-- service/savingsplans/endpoints.go | 8 ++- service/savingsplans/options.go | 3 ++ service/scheduler/api_client.go | 51 +++++++++++++++---- service/scheduler/auth.go | 8 +-- service/scheduler/endpoints.go | 8 ++- service/scheduler/options.go | 3 ++ service/schemas/api_client.go | 51 +++++++++++++++---- service/schemas/auth.go | 8 +-- service/schemas/endpoints.go | 8 ++- service/schemas/options.go | 3 ++ service/secretsmanager/api_client.go | 51 +++++++++++++++---- service/secretsmanager/auth.go | 8 +-- service/secretsmanager/endpoints.go | 8 ++- service/secretsmanager/options.go | 3 ++ service/securityhub/api_client.go | 51 +++++++++++++++---- service/securityhub/auth.go | 8 +-- service/securityhub/endpoints.go | 8 ++- service/securityhub/options.go | 3 ++ service/securitylake/api_client.go | 51 +++++++++++++++---- service/securitylake/auth.go | 8 +-- service/securitylake/endpoints.go | 8 ++- service/securitylake/options.go | 3 ++ .../api_client.go | 51 +++++++++++++++---- .../serverlessapplicationrepository/auth.go | 8 +-- .../endpoints.go | 8 ++- .../options.go | 3 ++ service/servicecatalog/api_client.go | 51 +++++++++++++++---- service/servicecatalog/auth.go | 8 +-- service/servicecatalog/endpoints.go | 8 ++- service/servicecatalog/options.go | 3 ++ .../servicecatalogappregistry/api_client.go | 51 +++++++++++++++---- service/servicecatalogappregistry/auth.go | 8 +-- .../servicecatalogappregistry/endpoints.go | 8 ++- service/servicecatalogappregistry/options.go | 3 ++ service/servicediscovery/api_client.go | 51 +++++++++++++++---- service/servicediscovery/auth.go | 8 +-- service/servicediscovery/endpoints.go | 8 ++- service/servicediscovery/options.go | 3 ++ service/servicequotas/api_client.go | 51 +++++++++++++++---- service/servicequotas/auth.go | 8 +-- service/servicequotas/endpoints.go | 8 ++- service/servicequotas/options.go | 3 ++ service/ses/api_client.go | 51 +++++++++++++++---- service/ses/auth.go | 8 +-- service/ses/endpoints.go | 8 ++- service/ses/options.go | 3 ++ service/sesv2/api_client.go | 51 +++++++++++++++---- service/sesv2/auth.go | 8 +-- service/sesv2/endpoints.go | 8 ++- service/sesv2/options.go | 3 ++ service/sfn/api_client.go | 51 +++++++++++++++---- service/sfn/auth.go | 8 +-- service/sfn/endpoints.go | 8 ++- service/sfn/options.go | 3 ++ service/shield/api_client.go | 51 +++++++++++++++---- service/shield/auth.go | 8 +-- service/shield/endpoints.go | 8 ++- service/shield/options.go | 3 ++ service/signer/api_client.go | 51 +++++++++++++++---- service/signer/auth.go | 8 +-- service/signer/endpoints.go | 8 ++- service/signer/options.go | 3 ++ service/simspaceweaver/api_client.go | 51 +++++++++++++++---- service/simspaceweaver/auth.go | 8 +-- service/simspaceweaver/endpoints.go | 8 ++- service/simspaceweaver/options.go | 3 ++ service/sms/api_client.go | 51 +++++++++++++++---- service/sms/auth.go | 8 +-- service/sms/endpoints.go | 8 ++- service/sms/options.go | 3 ++ service/snowball/api_client.go | 51 +++++++++++++++---- service/snowball/auth.go | 8 +-- service/snowball/endpoints.go | 8 ++- service/snowball/options.go | 3 ++ service/snowdevicemanagement/api_client.go | 51 +++++++++++++++---- service/snowdevicemanagement/auth.go | 8 +-- service/snowdevicemanagement/endpoints.go | 8 ++- service/snowdevicemanagement/options.go | 3 ++ service/sns/api_client.go | 51 +++++++++++++++---- service/sns/auth.go | 8 +-- service/sns/endpoints.go | 8 ++- service/sns/options.go | 3 ++ service/sqs/api_client.go | 51 +++++++++++++++---- service/sqs/auth.go | 8 +-- service/sqs/endpoints.go | 8 ++- service/sqs/options.go | 3 ++ service/ssm/api_client.go | 51 +++++++++++++++---- service/ssm/auth.go | 8 +-- service/ssm/endpoints.go | 8 ++- service/ssm/options.go | 3 ++ service/ssmcontacts/api_client.go | 51 +++++++++++++++---- service/ssmcontacts/auth.go | 8 +-- service/ssmcontacts/endpoints.go | 8 ++- service/ssmcontacts/options.go | 3 ++ service/ssmincidents/api_client.go | 51 +++++++++++++++---- service/ssmincidents/auth.go | 8 +-- service/ssmincidents/endpoints.go | 8 ++- service/ssmincidents/options.go | 3 ++ service/ssmsap/api_client.go | 51 +++++++++++++++---- service/ssmsap/auth.go | 8 +-- service/ssmsap/endpoints.go | 8 ++- service/ssmsap/options.go | 3 ++ service/sso/api_client.go | 51 +++++++++++++++---- service/sso/auth.go | 8 +-- service/sso/endpoints.go | 8 ++- service/sso/options.go | 3 ++ service/ssoadmin/api_client.go | 51 +++++++++++++++---- service/ssoadmin/auth.go | 8 +-- service/ssoadmin/endpoints.go | 8 ++- service/ssoadmin/options.go | 3 ++ service/ssooidc/api_client.go | 51 +++++++++++++++---- service/ssooidc/auth.go | 8 +-- service/ssooidc/endpoints.go | 8 ++- service/ssooidc/options.go | 3 ++ service/storagegateway/api_client.go | 51 +++++++++++++++---- service/storagegateway/auth.go | 8 +-- service/storagegateway/endpoints.go | 8 ++- service/storagegateway/options.go | 3 ++ service/sts/api_client.go | 51 +++++++++++++++---- service/sts/auth.go | 8 +-- service/sts/endpoints.go | 8 ++- service/sts/options.go | 3 ++ service/supplychain/api_client.go | 51 +++++++++++++++---- service/supplychain/auth.go | 8 +-- service/supplychain/endpoints.go | 8 ++- service/supplychain/options.go | 3 ++ service/support/api_client.go | 51 +++++++++++++++---- service/support/auth.go | 8 +-- service/support/endpoints.go | 8 ++- service/support/options.go | 3 ++ service/supportapp/api_client.go | 51 +++++++++++++++---- service/supportapp/auth.go | 8 +-- service/supportapp/endpoints.go | 8 ++- service/supportapp/options.go | 3 ++ service/swf/api_client.go | 51 +++++++++++++++---- service/swf/auth.go | 8 +-- service/swf/endpoints.go | 8 ++- service/swf/options.go | 3 ++ service/synthetics/api_client.go | 51 +++++++++++++++---- service/synthetics/auth.go | 8 +-- service/synthetics/endpoints.go | 8 ++- service/synthetics/options.go | 3 ++ service/textract/api_client.go | 51 +++++++++++++++---- service/textract/auth.go | 8 +-- service/textract/endpoints.go | 8 ++- service/textract/options.go | 3 ++ service/timestreamquery/api_client.go | 51 +++++++++++++++---- service/timestreamquery/auth.go | 8 +-- service/timestreamquery/endpoints.go | 8 ++- service/timestreamquery/options.go | 3 ++ service/timestreamwrite/api_client.go | 51 +++++++++++++++---- service/timestreamwrite/auth.go | 8 +-- service/timestreamwrite/endpoints.go | 8 ++- service/timestreamwrite/options.go | 3 ++ service/tnb/api_client.go | 51 +++++++++++++++---- service/tnb/auth.go | 8 +-- service/tnb/endpoints.go | 8 ++- service/tnb/options.go | 3 ++ service/transcribe/api_client.go | 51 +++++++++++++++---- service/transcribe/auth.go | 8 +-- service/transcribe/endpoints.go | 8 ++- service/transcribe/options.go | 3 ++ service/transcribestreaming/api_client.go | 51 +++++++++++++++---- service/transcribestreaming/auth.go | 8 +-- service/transcribestreaming/endpoints.go | 8 ++- service/transcribestreaming/options.go | 3 ++ service/transfer/api_client.go | 51 +++++++++++++++---- service/transfer/auth.go | 8 +-- service/transfer/endpoints.go | 8 ++- service/transfer/options.go | 3 ++ service/translate/api_client.go | 51 +++++++++++++++---- service/translate/auth.go | 8 +-- service/translate/endpoints.go | 8 ++- service/translate/options.go | 3 ++ service/trustedadvisor/api_client.go | 51 +++++++++++++++---- service/trustedadvisor/auth.go | 8 +-- service/trustedadvisor/endpoints.go | 8 ++- service/trustedadvisor/options.go | 3 ++ service/verifiedpermissions/api_client.go | 51 +++++++++++++++---- service/verifiedpermissions/auth.go | 8 +-- service/verifiedpermissions/endpoints.go | 8 ++- service/verifiedpermissions/options.go | 3 ++ service/voiceid/api_client.go | 51 +++++++++++++++---- service/voiceid/auth.go | 8 +-- service/voiceid/endpoints.go | 8 ++- service/voiceid/options.go | 3 ++ service/vpclattice/api_client.go | 51 +++++++++++++++---- service/vpclattice/auth.go | 8 +-- service/vpclattice/endpoints.go | 8 ++- service/vpclattice/options.go | 3 ++ service/waf/api_client.go | 51 +++++++++++++++---- service/waf/auth.go | 8 +-- service/waf/endpoints.go | 8 ++- service/waf/options.go | 3 ++ service/wafregional/api_client.go | 51 +++++++++++++++---- service/wafregional/auth.go | 8 +-- service/wafregional/endpoints.go | 8 ++- service/wafregional/options.go | 3 ++ service/wafv2/api_client.go | 51 +++++++++++++++---- service/wafv2/auth.go | 8 +-- service/wafv2/endpoints.go | 8 ++- service/wafv2/options.go | 3 ++ service/wellarchitected/api_client.go | 51 +++++++++++++++---- service/wellarchitected/auth.go | 8 +-- service/wellarchitected/endpoints.go | 8 ++- service/wellarchitected/options.go | 3 ++ service/wisdom/api_client.go | 51 +++++++++++++++---- service/wisdom/auth.go | 8 +-- service/wisdom/endpoints.go | 8 ++- service/wisdom/options.go | 3 ++ service/workdocs/api_client.go | 51 +++++++++++++++---- service/workdocs/auth.go | 8 +-- service/workdocs/endpoints.go | 8 ++- service/workdocs/options.go | 3 ++ service/worklink/api_client.go | 51 +++++++++++++++---- service/worklink/auth.go | 8 +-- service/worklink/endpoints.go | 8 ++- service/worklink/options.go | 3 ++ service/workmail/api_client.go | 51 +++++++++++++++---- service/workmail/auth.go | 8 +-- service/workmail/endpoints.go | 8 ++- service/workmail/options.go | 3 ++ service/workmailmessageflow/api_client.go | 51 +++++++++++++++---- service/workmailmessageflow/auth.go | 8 +-- service/workmailmessageflow/endpoints.go | 8 ++- service/workmailmessageflow/options.go | 3 ++ service/workspaces/api_client.go | 51 +++++++++++++++---- service/workspaces/auth.go | 8 +-- service/workspaces/endpoints.go | 8 ++- service/workspaces/options.go | 3 ++ service/workspacesthinclient/api_client.go | 51 +++++++++++++++---- service/workspacesthinclient/auth.go | 8 +-- service/workspacesthinclient/endpoints.go | 8 ++- service/workspacesthinclient/options.go | 3 ++ service/workspacesweb/api_client.go | 51 +++++++++++++++---- service/workspacesweb/auth.go | 8 +-- service/workspacesweb/endpoints.go | 8 ++- service/workspacesweb/options.go | 3 ++ service/xray/api_client.go | 51 +++++++++++++++---- service/xray/auth.go | 8 +-- service/xray/endpoints.go | 8 ++- service/xray/options.go | 3 ++ 1526 files changed, 20728 insertions(+), 5659 deletions(-) diff --git a/codegen/smithy-aws-go-codegen/src/main/resources/META-INF/services/software.amazon.smithy.go.codegen.integration.GoIntegration b/codegen/smithy-aws-go-codegen/src/main/resources/META-INF/services/software.amazon.smithy.go.codegen.integration.GoIntegration index d0bce9309a3..e7171da9cf0 100644 --- a/codegen/smithy-aws-go-codegen/src/main/resources/META-INF/services/software.amazon.smithy.go.codegen.integration.GoIntegration +++ b/codegen/smithy-aws-go-codegen/src/main/resources/META-INF/services/software.amazon.smithy.go.codegen.integration.GoIntegration @@ -73,3 +73,4 @@ software.amazon.smithy.aws.go.codegen.customization.S3BucketContext software.amazon.smithy.aws.go.codegen.customization.s3.ExpressDefaultChecksum software.amazon.smithy.aws.go.codegen.customization.auth.GlobalAnonymousOption software.amazon.smithy.aws.go.codegen.customization.CloudFrontKVSSigV4a +software.amazon.smithy.aws.go.codegen.customization.AccountIDEndpointRouting diff --git a/internal/protocoltest/awsrestjson/api_client.go b/internal/protocoltest/awsrestjson/api_client.go index f39aaad726d..60d47cc05d0 100644 --- a/internal/protocoltest/awsrestjson/api_client.go +++ b/internal/protocoltest/awsrestjson/api_client.go @@ -229,6 +229,7 @@ func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { AppID: cfg.AppID, DisableRequestCompression: cfg.DisableRequestCompression, RequestMinCompressSizeBytes: cfg.RequestMinCompressSizeBytes, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/internal/protocoltest/awsrestjson/auth.go b/internal/protocoltest/awsrestjson/auth.go index 5564edd67f6..b806ec5209c 100644 --- a/internal/protocoltest/awsrestjson/auth.go +++ b/internal/protocoltest/awsrestjson/auth.go @@ -83,7 +83,7 @@ type AuthResolverParameters struct { Operation string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } @@ -128,7 +128,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/internal/protocoltest/awsrestjson/options.go b/internal/protocoltest/awsrestjson/options.go index bd2bd6a9f84..335e969d385 100644 --- a/internal/protocoltest/awsrestjson/options.go +++ b/internal/protocoltest/awsrestjson/options.go @@ -21,6 +21,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/internal/protocoltest/ec2query/api_client.go b/internal/protocoltest/ec2query/api_client.go index 3891cf31616..fdf1e5b0dbd 100644 --- a/internal/protocoltest/ec2query/api_client.go +++ b/internal/protocoltest/ec2query/api_client.go @@ -229,6 +229,7 @@ func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { AppID: cfg.AppID, DisableRequestCompression: cfg.DisableRequestCompression, RequestMinCompressSizeBytes: cfg.RequestMinCompressSizeBytes, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/internal/protocoltest/ec2query/auth.go b/internal/protocoltest/ec2query/auth.go index 3d784083847..9d902f66bf9 100644 --- a/internal/protocoltest/ec2query/auth.go +++ b/internal/protocoltest/ec2query/auth.go @@ -83,7 +83,7 @@ type AuthResolverParameters struct { Operation string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } @@ -128,7 +128,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/internal/protocoltest/ec2query/options.go b/internal/protocoltest/ec2query/options.go index d8e99b30bb7..cecf36ba80f 100644 --- a/internal/protocoltest/ec2query/options.go +++ b/internal/protocoltest/ec2query/options.go @@ -21,6 +21,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/internal/protocoltest/jsonrpc/api_client.go b/internal/protocoltest/jsonrpc/api_client.go index ff4a333d31d..f1639103877 100644 --- a/internal/protocoltest/jsonrpc/api_client.go +++ b/internal/protocoltest/jsonrpc/api_client.go @@ -241,6 +241,7 @@ func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { AppID: cfg.AppID, DisableRequestCompression: cfg.DisableRequestCompression, RequestMinCompressSizeBytes: cfg.RequestMinCompressSizeBytes, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/internal/protocoltest/jsonrpc/auth.go b/internal/protocoltest/jsonrpc/auth.go index b5ccf33dfc6..c750039a27e 100644 --- a/internal/protocoltest/jsonrpc/auth.go +++ b/internal/protocoltest/jsonrpc/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/internal/protocoltest/jsonrpc/options.go b/internal/protocoltest/jsonrpc/options.go index 9630316047b..2998a78be84 100644 --- a/internal/protocoltest/jsonrpc/options.go +++ b/internal/protocoltest/jsonrpc/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/internal/protocoltest/jsonrpc10/api_client.go b/internal/protocoltest/jsonrpc10/api_client.go index 99dcc289328..076802e155f 100644 --- a/internal/protocoltest/jsonrpc10/api_client.go +++ b/internal/protocoltest/jsonrpc10/api_client.go @@ -225,6 +225,7 @@ func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { AppID: cfg.AppID, DisableRequestCompression: cfg.DisableRequestCompression, RequestMinCompressSizeBytes: cfg.RequestMinCompressSizeBytes, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/internal/protocoltest/jsonrpc10/auth.go b/internal/protocoltest/jsonrpc10/auth.go index 463ee3e7df5..fba267fd080 100644 --- a/internal/protocoltest/jsonrpc10/auth.go +++ b/internal/protocoltest/jsonrpc10/auth.go @@ -83,7 +83,7 @@ type AuthResolverParameters struct { Operation string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } @@ -128,7 +128,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/internal/protocoltest/jsonrpc10/options.go b/internal/protocoltest/jsonrpc10/options.go index cefe9ff7d38..60442684d7d 100644 --- a/internal/protocoltest/jsonrpc10/options.go +++ b/internal/protocoltest/jsonrpc10/options.go @@ -21,6 +21,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/internal/protocoltest/query/api_client.go b/internal/protocoltest/query/api_client.go index 64a2d3e118a..f094b7d1e32 100644 --- a/internal/protocoltest/query/api_client.go +++ b/internal/protocoltest/query/api_client.go @@ -229,6 +229,7 @@ func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { AppID: cfg.AppID, DisableRequestCompression: cfg.DisableRequestCompression, RequestMinCompressSizeBytes: cfg.RequestMinCompressSizeBytes, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/internal/protocoltest/query/auth.go b/internal/protocoltest/query/auth.go index e6417c9b6ca..70d3773c991 100644 --- a/internal/protocoltest/query/auth.go +++ b/internal/protocoltest/query/auth.go @@ -83,7 +83,7 @@ type AuthResolverParameters struct { Operation string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } @@ -128,7 +128,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/internal/protocoltest/query/options.go b/internal/protocoltest/query/options.go index 61469fff7a7..2ef74f58373 100644 --- a/internal/protocoltest/query/options.go +++ b/internal/protocoltest/query/options.go @@ -21,6 +21,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/internal/protocoltest/restxml/api_client.go b/internal/protocoltest/restxml/api_client.go index fc4c369fb43..eabaa072fae 100644 --- a/internal/protocoltest/restxml/api_client.go +++ b/internal/protocoltest/restxml/api_client.go @@ -229,6 +229,7 @@ func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { AppID: cfg.AppID, DisableRequestCompression: cfg.DisableRequestCompression, RequestMinCompressSizeBytes: cfg.RequestMinCompressSizeBytes, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/internal/protocoltest/restxml/auth.go b/internal/protocoltest/restxml/auth.go index 279fa13ea46..52debc41e40 100644 --- a/internal/protocoltest/restxml/auth.go +++ b/internal/protocoltest/restxml/auth.go @@ -83,7 +83,7 @@ type AuthResolverParameters struct { Operation string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } @@ -128,7 +128,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/internal/protocoltest/restxml/options.go b/internal/protocoltest/restxml/options.go index e5c0a3daa4d..87d63199ed1 100644 --- a/internal/protocoltest/restxml/options.go +++ b/internal/protocoltest/restxml/options.go @@ -21,6 +21,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/internal/protocoltest/restxmlwithnamespace/api_client.go b/internal/protocoltest/restxmlwithnamespace/api_client.go index f7f813d4425..853562924b9 100644 --- a/internal/protocoltest/restxmlwithnamespace/api_client.go +++ b/internal/protocoltest/restxmlwithnamespace/api_client.go @@ -215,14 +215,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/internal/protocoltest/restxmlwithnamespace/auth.go b/internal/protocoltest/restxmlwithnamespace/auth.go index 8128ce90d17..96c33507ec9 100644 --- a/internal/protocoltest/restxmlwithnamespace/auth.go +++ b/internal/protocoltest/restxmlwithnamespace/auth.go @@ -83,7 +83,7 @@ type AuthResolverParameters struct { Operation string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } @@ -128,7 +128,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/internal/protocoltest/restxmlwithnamespace/options.go b/internal/protocoltest/restxmlwithnamespace/options.go index 0317b3c75c3..cd401997d70 100644 --- a/internal/protocoltest/restxmlwithnamespace/options.go +++ b/internal/protocoltest/restxmlwithnamespace/options.go @@ -21,6 +21,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/accessanalyzer/api_client.go b/service/accessanalyzer/api_client.go index 87752cca15f..c977daaeeec 100644 --- a/service/accessanalyzer/api_client.go +++ b/service/accessanalyzer/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/accessanalyzer/auth.go b/service/accessanalyzer/auth.go index dc7e2e64c13..cf71ed910f1 100644 --- a/service/accessanalyzer/auth.go +++ b/service/accessanalyzer/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/accessanalyzer/endpoints.go b/service/accessanalyzer/endpoints.go index a9c6242d84f..7d360b4dba8 100644 --- a/service/accessanalyzer/endpoints.go +++ b/service/accessanalyzer/endpoints.go @@ -458,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,6 +488,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/accessanalyzer/options.go b/service/accessanalyzer/options.go index ca4b79fb918..3db8c2a7679 100644 --- a/service/accessanalyzer/options.go +++ b/service/accessanalyzer/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/account/api_client.go b/service/account/api_client.go index c6a89552b28..beb392f01bb 100644 --- a/service/account/api_client.go +++ b/service/account/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/account/auth.go b/service/account/auth.go index eff6c3b0bd8..33d18b1def6 100644 --- a/service/account/auth.go +++ b/service/account/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/account/endpoints.go b/service/account/endpoints.go index ce40b437d69..c08ff90878f 100644 --- a/service/account/endpoints.go +++ b/service/account/endpoints.go @@ -508,7 +508,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -538,6 +538,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -547,7 +551,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/account/options.go b/service/account/options.go index b346281233b..241da0acf3e 100644 --- a/service/account/options.go +++ b/service/account/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/acm/api_client.go b/service/acm/api_client.go index 809d8f6c04d..868270afc68 100644 --- a/service/acm/api_client.go +++ b/service/acm/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/acm/auth.go b/service/acm/auth.go index d835fd61fad..164c311a12d 100644 --- a/service/acm/auth.go +++ b/service/acm/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/acm/endpoints.go b/service/acm/endpoints.go index 99e9012a1c1..c40112aa0f0 100644 --- a/service/acm/endpoints.go +++ b/service/acm/endpoints.go @@ -458,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,6 +488,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/acm/options.go b/service/acm/options.go index 77edd733ce1..2cf0be6a25e 100644 --- a/service/acm/options.go +++ b/service/acm/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/acmpca/api_client.go b/service/acmpca/api_client.go index 9bf06d8be05..11ea98040ac 100644 --- a/service/acmpca/api_client.go +++ b/service/acmpca/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/acmpca/auth.go b/service/acmpca/auth.go index 69b02aca23d..7f960511433 100644 --- a/service/acmpca/auth.go +++ b/service/acmpca/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/acmpca/endpoints.go b/service/acmpca/endpoints.go index 9f9f1e28e58..536b8727b4f 100644 --- a/service/acmpca/endpoints.go +++ b/service/acmpca/endpoints.go @@ -458,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,6 +488,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/acmpca/options.go b/service/acmpca/options.go index 8ac2813ff96..3cb8c0c00f5 100644 --- a/service/acmpca/options.go +++ b/service/acmpca/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/alexaforbusiness/api_client.go b/service/alexaforbusiness/api_client.go index c0959168693..53f3c0071a7 100644 --- a/service/alexaforbusiness/api_client.go +++ b/service/alexaforbusiness/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/alexaforbusiness/auth.go b/service/alexaforbusiness/auth.go index dc24f714049..2800d444acd 100644 --- a/service/alexaforbusiness/auth.go +++ b/service/alexaforbusiness/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/alexaforbusiness/endpoints.go b/service/alexaforbusiness/endpoints.go index 33eeaaff954..c7adfd52f72 100644 --- a/service/alexaforbusiness/endpoints.go +++ b/service/alexaforbusiness/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/alexaforbusiness/options.go b/service/alexaforbusiness/options.go index 5d9b44d937b..d64f2ea5993 100644 --- a/service/alexaforbusiness/options.go +++ b/service/alexaforbusiness/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/amp/api_client.go b/service/amp/api_client.go index 96a64cf9f3b..4bbb035bd37 100644 --- a/service/amp/api_client.go +++ b/service/amp/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/amp/auth.go b/service/amp/auth.go index 8e90d81a4bd..98bfd5e06bc 100644 --- a/service/amp/auth.go +++ b/service/amp/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/amp/endpoints.go b/service/amp/endpoints.go index 8d80154d1f3..8975a872081 100644 --- a/service/amp/endpoints.go +++ b/service/amp/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/amp/options.go b/service/amp/options.go index 829dbabaa8f..483315ffc7d 100644 --- a/service/amp/options.go +++ b/service/amp/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/amplify/api_client.go b/service/amplify/api_client.go index 73e329e4a84..5f5100e59a6 100644 --- a/service/amplify/api_client.go +++ b/service/amplify/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/amplify/auth.go b/service/amplify/auth.go index fab9ad320e9..0c00344c9cd 100644 --- a/service/amplify/auth.go +++ b/service/amplify/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/amplify/endpoints.go b/service/amplify/endpoints.go index b707379f4cb..5cb54aeab19 100644 --- a/service/amplify/endpoints.go +++ b/service/amplify/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/amplify/options.go b/service/amplify/options.go index 3a64da839b1..c97a69095c7 100644 --- a/service/amplify/options.go +++ b/service/amplify/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/amplifybackend/api_client.go b/service/amplifybackend/api_client.go index 47f64ea77b6..e18fef61aeb 100644 --- a/service/amplifybackend/api_client.go +++ b/service/amplifybackend/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/amplifybackend/auth.go b/service/amplifybackend/auth.go index 88e12264988..daeff5e7e7a 100644 --- a/service/amplifybackend/auth.go +++ b/service/amplifybackend/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/amplifybackend/endpoints.go b/service/amplifybackend/endpoints.go index 48c29f8dddb..d5a03f4f875 100644 --- a/service/amplifybackend/endpoints.go +++ b/service/amplifybackend/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/amplifybackend/options.go b/service/amplifybackend/options.go index 0dac28bfee7..dcf5438b00e 100644 --- a/service/amplifybackend/options.go +++ b/service/amplifybackend/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/amplifyuibuilder/api_client.go b/service/amplifyuibuilder/api_client.go index 8c8b73ba9a9..8003b67858c 100644 --- a/service/amplifyuibuilder/api_client.go +++ b/service/amplifyuibuilder/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/amplifyuibuilder/auth.go b/service/amplifyuibuilder/auth.go index 213f2652aa1..1c6c905fd1a 100644 --- a/service/amplifyuibuilder/auth.go +++ b/service/amplifyuibuilder/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/amplifyuibuilder/endpoints.go b/service/amplifyuibuilder/endpoints.go index bbb43b081cf..746fa4ebedb 100644 --- a/service/amplifyuibuilder/endpoints.go +++ b/service/amplifyuibuilder/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/amplifyuibuilder/options.go b/service/amplifyuibuilder/options.go index bdbd6f5f287..317818c97c9 100644 --- a/service/amplifyuibuilder/options.go +++ b/service/amplifyuibuilder/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/apigateway/api_client.go b/service/apigateway/api_client.go index 347be8c229e..9bc3fcadd41 100644 --- a/service/apigateway/api_client.go +++ b/service/apigateway/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" agcust "github.com/aws/aws-sdk-go-v2/service/apigateway/internal/customizations" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/apigateway/auth.go b/service/apigateway/auth.go index 2ff757469f6..356b615b527 100644 --- a/service/apigateway/auth.go +++ b/service/apigateway/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/apigateway/endpoints.go b/service/apigateway/endpoints.go index 67e8f9896f7..43b72173c93 100644 --- a/service/apigateway/endpoints.go +++ b/service/apigateway/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/apigateway/options.go b/service/apigateway/options.go index 2eeaf81d95a..04c2b474e17 100644 --- a/service/apigateway/options.go +++ b/service/apigateway/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/apigatewaymanagementapi/api_client.go b/service/apigatewaymanagementapi/api_client.go index d003244c276..8fc301ece5c 100644 --- a/service/apigatewaymanagementapi/api_client.go +++ b/service/apigatewaymanagementapi/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/apigatewaymanagementapi/auth.go b/service/apigatewaymanagementapi/auth.go index 51cf731ac1b..009f8c9c754 100644 --- a/service/apigatewaymanagementapi/auth.go +++ b/service/apigatewaymanagementapi/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/apigatewaymanagementapi/endpoints.go b/service/apigatewaymanagementapi/endpoints.go index 7a91885a5d2..b77293dc5c9 100644 --- a/service/apigatewaymanagementapi/endpoints.go +++ b/service/apigatewaymanagementapi/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/apigatewaymanagementapi/options.go b/service/apigatewaymanagementapi/options.go index f4d53167a7b..9a12b19a3a8 100644 --- a/service/apigatewaymanagementapi/options.go +++ b/service/apigatewaymanagementapi/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/apigatewayv2/api_client.go b/service/apigatewayv2/api_client.go index 2e5b34201a9..5107ebf7e2a 100644 --- a/service/apigatewayv2/api_client.go +++ b/service/apigatewayv2/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/apigatewayv2/auth.go b/service/apigatewayv2/auth.go index 366e1d62487..08b3f92b0bd 100644 --- a/service/apigatewayv2/auth.go +++ b/service/apigatewayv2/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/apigatewayv2/endpoints.go b/service/apigatewayv2/endpoints.go index 634042b6fe0..c76ab0c50e3 100644 --- a/service/apigatewayv2/endpoints.go +++ b/service/apigatewayv2/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/apigatewayv2/options.go b/service/apigatewayv2/options.go index 2d335fa1572..7875296a891 100644 --- a/service/apigatewayv2/options.go +++ b/service/apigatewayv2/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/appconfig/api_client.go b/service/appconfig/api_client.go index fb123744c1c..7735d6ffb4c 100644 --- a/service/appconfig/api_client.go +++ b/service/appconfig/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/appconfig/auth.go b/service/appconfig/auth.go index 399b2a3e472..9df05b1c1d4 100644 --- a/service/appconfig/auth.go +++ b/service/appconfig/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/appconfig/endpoints.go b/service/appconfig/endpoints.go index bf4df93224d..3099a317e0f 100644 --- a/service/appconfig/endpoints.go +++ b/service/appconfig/endpoints.go @@ -465,7 +465,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -495,6 +495,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -504,7 +508,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/appconfig/options.go b/service/appconfig/options.go index a9c45e0c8bb..e843160140e 100644 --- a/service/appconfig/options.go +++ b/service/appconfig/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/appconfigdata/api_client.go b/service/appconfigdata/api_client.go index ada9497da13..c7bf0c62db6 100644 --- a/service/appconfigdata/api_client.go +++ b/service/appconfigdata/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/appconfigdata/auth.go b/service/appconfigdata/auth.go index c611bb300a3..fbd83daee1c 100644 --- a/service/appconfigdata/auth.go +++ b/service/appconfigdata/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/appconfigdata/endpoints.go b/service/appconfigdata/endpoints.go index 58b3c261bb2..c7fa1632726 100644 --- a/service/appconfigdata/endpoints.go +++ b/service/appconfigdata/endpoints.go @@ -458,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,6 +488,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/appconfigdata/options.go b/service/appconfigdata/options.go index fb71991d3ed..99697dab77c 100644 --- a/service/appconfigdata/options.go +++ b/service/appconfigdata/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/appfabric/api_client.go b/service/appfabric/api_client.go index 84f4704dc85..212bf6e03c0 100644 --- a/service/appfabric/api_client.go +++ b/service/appfabric/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/appfabric/auth.go b/service/appfabric/auth.go index 892b57015b3..b3231655b69 100644 --- a/service/appfabric/auth.go +++ b/service/appfabric/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/appfabric/endpoints.go b/service/appfabric/endpoints.go index 2750868e999..e2ab7707624 100644 --- a/service/appfabric/endpoints.go +++ b/service/appfabric/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/appfabric/options.go b/service/appfabric/options.go index c157deda065..4b72b63655c 100644 --- a/service/appfabric/options.go +++ b/service/appfabric/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/appflow/api_client.go b/service/appflow/api_client.go index d6a35f4133a..63e15319ebe 100644 --- a/service/appflow/api_client.go +++ b/service/appflow/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/appflow/auth.go b/service/appflow/auth.go index e8bdec2c46d..70ce5840c6b 100644 --- a/service/appflow/auth.go +++ b/service/appflow/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/appflow/endpoints.go b/service/appflow/endpoints.go index 4b1aca0ed61..86cf554bdbf 100644 --- a/service/appflow/endpoints.go +++ b/service/appflow/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/appflow/options.go b/service/appflow/options.go index 9949552f60c..c44ea376e29 100644 --- a/service/appflow/options.go +++ b/service/appflow/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/appintegrations/api_client.go b/service/appintegrations/api_client.go index e67c782ca9f..54afffe0c7d 100644 --- a/service/appintegrations/api_client.go +++ b/service/appintegrations/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/appintegrations/auth.go b/service/appintegrations/auth.go index bbcc9d43195..cdb979aa4a6 100644 --- a/service/appintegrations/auth.go +++ b/service/appintegrations/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/appintegrations/endpoints.go b/service/appintegrations/endpoints.go index fe26519945b..0cfa6d7700f 100644 --- a/service/appintegrations/endpoints.go +++ b/service/appintegrations/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/appintegrations/options.go b/service/appintegrations/options.go index 1987a53d2ee..0b50888050e 100644 --- a/service/appintegrations/options.go +++ b/service/appintegrations/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/applicationautoscaling/api_client.go b/service/applicationautoscaling/api_client.go index c2b1fdfb2cc..63e8a2e7bd3 100644 --- a/service/applicationautoscaling/api_client.go +++ b/service/applicationautoscaling/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/applicationautoscaling/auth.go b/service/applicationautoscaling/auth.go index 0d831c03ced..425993e8d52 100644 --- a/service/applicationautoscaling/auth.go +++ b/service/applicationautoscaling/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/applicationautoscaling/endpoints.go b/service/applicationautoscaling/endpoints.go index 0feb569e49c..9b4ca2599ad 100644 --- a/service/applicationautoscaling/endpoints.go +++ b/service/applicationautoscaling/endpoints.go @@ -458,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,6 +488,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/applicationautoscaling/options.go b/service/applicationautoscaling/options.go index f60a2d67a83..5c0b39fb3d0 100644 --- a/service/applicationautoscaling/options.go +++ b/service/applicationautoscaling/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/applicationcostprofiler/api_client.go b/service/applicationcostprofiler/api_client.go index 1edbca985c9..a80a8990474 100644 --- a/service/applicationcostprofiler/api_client.go +++ b/service/applicationcostprofiler/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/applicationcostprofiler/auth.go b/service/applicationcostprofiler/auth.go index 3b5bd5100d3..7345ab9f774 100644 --- a/service/applicationcostprofiler/auth.go +++ b/service/applicationcostprofiler/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/applicationcostprofiler/endpoints.go b/service/applicationcostprofiler/endpoints.go index 4855f85d287..75fc9b3625e 100644 --- a/service/applicationcostprofiler/endpoints.go +++ b/service/applicationcostprofiler/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/applicationcostprofiler/options.go b/service/applicationcostprofiler/options.go index 1a5293d2d67..ad9caab4ef1 100644 --- a/service/applicationcostprofiler/options.go +++ b/service/applicationcostprofiler/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/applicationdiscoveryservice/api_client.go b/service/applicationdiscoveryservice/api_client.go index 6f55246bdfa..4bd3aaed92e 100644 --- a/service/applicationdiscoveryservice/api_client.go +++ b/service/applicationdiscoveryservice/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/applicationdiscoveryservice/auth.go b/service/applicationdiscoveryservice/auth.go index 4510690c411..550482f2745 100644 --- a/service/applicationdiscoveryservice/auth.go +++ b/service/applicationdiscoveryservice/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/applicationdiscoveryservice/endpoints.go b/service/applicationdiscoveryservice/endpoints.go index ac4cf62de3c..eca702d57d6 100644 --- a/service/applicationdiscoveryservice/endpoints.go +++ b/service/applicationdiscoveryservice/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/applicationdiscoveryservice/options.go b/service/applicationdiscoveryservice/options.go index 33bc3e728aa..15d51e78a9b 100644 --- a/service/applicationdiscoveryservice/options.go +++ b/service/applicationdiscoveryservice/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/applicationinsights/api_client.go b/service/applicationinsights/api_client.go index 39b2102bd1e..20b80376d8f 100644 --- a/service/applicationinsights/api_client.go +++ b/service/applicationinsights/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/applicationinsights/auth.go b/service/applicationinsights/auth.go index a440b044c34..c066f2e42d3 100644 --- a/service/applicationinsights/auth.go +++ b/service/applicationinsights/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/applicationinsights/endpoints.go b/service/applicationinsights/endpoints.go index a06cec1dff3..f4b1de3f080 100644 --- a/service/applicationinsights/endpoints.go +++ b/service/applicationinsights/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/applicationinsights/options.go b/service/applicationinsights/options.go index 0104b50bbfd..aabc22b3484 100644 --- a/service/applicationinsights/options.go +++ b/service/applicationinsights/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/appmesh/api_client.go b/service/appmesh/api_client.go index 252002f46c9..3cf2d4d3b12 100644 --- a/service/appmesh/api_client.go +++ b/service/appmesh/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/appmesh/auth.go b/service/appmesh/auth.go index 2a4c86d891a..8d62e597a5e 100644 --- a/service/appmesh/auth.go +++ b/service/appmesh/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/appmesh/endpoints.go b/service/appmesh/endpoints.go index 8ce49216bd5..89aae1cc16e 100644 --- a/service/appmesh/endpoints.go +++ b/service/appmesh/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/appmesh/options.go b/service/appmesh/options.go index 1cab890736d..7f04fddc6b2 100644 --- a/service/appmesh/options.go +++ b/service/appmesh/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/apprunner/api_client.go b/service/apprunner/api_client.go index 840180e120f..c85bd12076b 100644 --- a/service/apprunner/api_client.go +++ b/service/apprunner/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/apprunner/auth.go b/service/apprunner/auth.go index 331ea57342a..779d5aba5bf 100644 --- a/service/apprunner/auth.go +++ b/service/apprunner/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/apprunner/endpoints.go b/service/apprunner/endpoints.go index 8480e1c52f6..903e1adf577 100644 --- a/service/apprunner/endpoints.go +++ b/service/apprunner/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/apprunner/options.go b/service/apprunner/options.go index dbab338d6df..9f9bcc831ff 100644 --- a/service/apprunner/options.go +++ b/service/apprunner/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/appstream/api_client.go b/service/appstream/api_client.go index b9a12d78d94..0409afb0ac7 100644 --- a/service/appstream/api_client.go +++ b/service/appstream/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/appstream/auth.go b/service/appstream/auth.go index b420016665e..1f43acbd732 100644 --- a/service/appstream/auth.go +++ b/service/appstream/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/appstream/endpoints.go b/service/appstream/endpoints.go index 4f1a2fe1c1e..7764b4da633 100644 --- a/service/appstream/endpoints.go +++ b/service/appstream/endpoints.go @@ -477,7 +477,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -507,6 +507,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -516,7 +520,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/appstream/options.go b/service/appstream/options.go index 7e745094409..c4d2e00c20b 100644 --- a/service/appstream/options.go +++ b/service/appstream/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/appsync/api_client.go b/service/appsync/api_client.go index 3ce524e6908..e9c6b2524ad 100644 --- a/service/appsync/api_client.go +++ b/service/appsync/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/appsync/auth.go b/service/appsync/auth.go index c5dd4955ae2..57b097a5b45 100644 --- a/service/appsync/auth.go +++ b/service/appsync/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/appsync/endpoints.go b/service/appsync/endpoints.go index 5925615e678..9112eeaaede 100644 --- a/service/appsync/endpoints.go +++ b/service/appsync/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/appsync/options.go b/service/appsync/options.go index 8f4505d8489..a48cf0c297d 100644 --- a/service/appsync/options.go +++ b/service/appsync/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/arczonalshift/api_client.go b/service/arczonalshift/api_client.go index 60330e886b0..4c8d34c8ba3 100644 --- a/service/arczonalshift/api_client.go +++ b/service/arczonalshift/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/arczonalshift/auth.go b/service/arczonalshift/auth.go index 8c947a047ec..47098d31631 100644 --- a/service/arczonalshift/auth.go +++ b/service/arczonalshift/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/arczonalshift/endpoints.go b/service/arczonalshift/endpoints.go index 5523a2834fc..faf5b375936 100644 --- a/service/arczonalshift/endpoints.go +++ b/service/arczonalshift/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/arczonalshift/options.go b/service/arczonalshift/options.go index 2f88c457456..6b2530688b7 100644 --- a/service/arczonalshift/options.go +++ b/service/arczonalshift/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/athena/api_client.go b/service/athena/api_client.go index 8e264e29fa1..c4088be554b 100644 --- a/service/athena/api_client.go +++ b/service/athena/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/athena/auth.go b/service/athena/auth.go index a819f1195df..6d28d09ad04 100644 --- a/service/athena/auth.go +++ b/service/athena/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/athena/endpoints.go b/service/athena/endpoints.go index 84f10fa8261..1e35f3449cc 100644 --- a/service/athena/endpoints.go +++ b/service/athena/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/athena/options.go b/service/athena/options.go index f3f1f5fa505..aa9aee76704 100644 --- a/service/athena/options.go +++ b/service/athena/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/auditmanager/api_client.go b/service/auditmanager/api_client.go index ee103eaf266..18bf9c3093f 100644 --- a/service/auditmanager/api_client.go +++ b/service/auditmanager/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/auditmanager/auth.go b/service/auditmanager/auth.go index 7782307f945..bd87f596dd4 100644 --- a/service/auditmanager/auth.go +++ b/service/auditmanager/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/auditmanager/endpoints.go b/service/auditmanager/endpoints.go index 337023a7638..f04f2b6e0f9 100644 --- a/service/auditmanager/endpoints.go +++ b/service/auditmanager/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/auditmanager/options.go b/service/auditmanager/options.go index 2844f7ba499..cd300d6de5b 100644 --- a/service/auditmanager/options.go +++ b/service/auditmanager/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/autoscaling/api_client.go b/service/autoscaling/api_client.go index ebffefb3f0f..9ea98cdfae6 100644 --- a/service/autoscaling/api_client.go +++ b/service/autoscaling/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/autoscaling/auth.go b/service/autoscaling/auth.go index 4c2a3897ec4..8c3091da5c8 100644 --- a/service/autoscaling/auth.go +++ b/service/autoscaling/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/autoscaling/endpoints.go b/service/autoscaling/endpoints.go index 7e3e5287c7c..8ae57b5cb76 100644 --- a/service/autoscaling/endpoints.go +++ b/service/autoscaling/endpoints.go @@ -458,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,6 +488,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/autoscaling/options.go b/service/autoscaling/options.go index 9a183095a31..abed4be2f2c 100644 --- a/service/autoscaling/options.go +++ b/service/autoscaling/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/autoscalingplans/api_client.go b/service/autoscalingplans/api_client.go index 7512fcf7fda..6bd8598e90a 100644 --- a/service/autoscalingplans/api_client.go +++ b/service/autoscalingplans/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/autoscalingplans/auth.go b/service/autoscalingplans/auth.go index 47bc2e5478d..0481bc1f460 100644 --- a/service/autoscalingplans/auth.go +++ b/service/autoscalingplans/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/autoscalingplans/endpoints.go b/service/autoscalingplans/endpoints.go index b72ee91e7e6..cc7a1f0916c 100644 --- a/service/autoscalingplans/endpoints.go +++ b/service/autoscalingplans/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/autoscalingplans/options.go b/service/autoscalingplans/options.go index 05f31b55b77..01d34b901f6 100644 --- a/service/autoscalingplans/options.go +++ b/service/autoscalingplans/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/b2bi/api_client.go b/service/b2bi/api_client.go index c7d6ad9a48b..e59bd5fe8af 100644 --- a/service/b2bi/api_client.go +++ b/service/b2bi/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/b2bi/auth.go b/service/b2bi/auth.go index 621982d01b2..3582b4ee5cc 100644 --- a/service/b2bi/auth.go +++ b/service/b2bi/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/b2bi/endpoints.go b/service/b2bi/endpoints.go index 416a441eada..42bd175ba41 100644 --- a/service/b2bi/endpoints.go +++ b/service/b2bi/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/b2bi/options.go b/service/b2bi/options.go index 83b7f186c3a..ebe7193f823 100644 --- a/service/b2bi/options.go +++ b/service/b2bi/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/backup/api_client.go b/service/backup/api_client.go index 1b8de15e813..abbf2c04693 100644 --- a/service/backup/api_client.go +++ b/service/backup/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/backup/auth.go b/service/backup/auth.go index a80946ab435..21888371ddb 100644 --- a/service/backup/auth.go +++ b/service/backup/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/backup/endpoints.go b/service/backup/endpoints.go index a56cb68ac5a..f455498b4f3 100644 --- a/service/backup/endpoints.go +++ b/service/backup/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/backup/options.go b/service/backup/options.go index b6d89e22e7b..6071bbe2a42 100644 --- a/service/backup/options.go +++ b/service/backup/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/backupgateway/api_client.go b/service/backupgateway/api_client.go index 9a72e44e110..486f026bf43 100644 --- a/service/backupgateway/api_client.go +++ b/service/backupgateway/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/backupgateway/auth.go b/service/backupgateway/auth.go index d91472bc572..940afeeb88d 100644 --- a/service/backupgateway/auth.go +++ b/service/backupgateway/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/backupgateway/endpoints.go b/service/backupgateway/endpoints.go index d11d7b56a4b..16d1cf93076 100644 --- a/service/backupgateway/endpoints.go +++ b/service/backupgateway/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/backupgateway/options.go b/service/backupgateway/options.go index ebb2d074e92..229baf94cfc 100644 --- a/service/backupgateway/options.go +++ b/service/backupgateway/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/backupstorage/api_client.go b/service/backupstorage/api_client.go index a18a99db7f1..3032d2d8a46 100644 --- a/service/backupstorage/api_client.go +++ b/service/backupstorage/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/backupstorage/auth.go b/service/backupstorage/auth.go index 9dacc499bfe..7ca89f0e515 100644 --- a/service/backupstorage/auth.go +++ b/service/backupstorage/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -190,7 +190,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/backupstorage/endpoints.go b/service/backupstorage/endpoints.go index a90d933a49a..54f41300700 100644 --- a/service/backupstorage/endpoints.go +++ b/service/backupstorage/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/backupstorage/options.go b/service/backupstorage/options.go index 83701b74b14..41309921bf4 100644 --- a/service/backupstorage/options.go +++ b/service/backupstorage/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/batch/api_client.go b/service/batch/api_client.go index fbb0f62684b..f8777c31695 100644 --- a/service/batch/api_client.go +++ b/service/batch/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/batch/auth.go b/service/batch/auth.go index f17ae176ebd..2327a7f0798 100644 --- a/service/batch/auth.go +++ b/service/batch/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/batch/endpoints.go b/service/batch/endpoints.go index b953f54b653..68ef63b2aa2 100644 --- a/service/batch/endpoints.go +++ b/service/batch/endpoints.go @@ -477,7 +477,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -507,6 +507,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -516,7 +520,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/batch/options.go b/service/batch/options.go index c9038923519..a1141a7adfe 100644 --- a/service/batch/options.go +++ b/service/batch/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/bcmdataexports/api_client.go b/service/bcmdataexports/api_client.go index 40d95ba6f2d..637f57316ba 100644 --- a/service/bcmdataexports/api_client.go +++ b/service/bcmdataexports/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/bcmdataexports/auth.go b/service/bcmdataexports/auth.go index 9fbb062c8e7..2a4f3d4f7c7 100644 --- a/service/bcmdataexports/auth.go +++ b/service/bcmdataexports/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/bcmdataexports/endpoints.go b/service/bcmdataexports/endpoints.go index 8a2abd0dc44..e53ecf3be7a 100644 --- a/service/bcmdataexports/endpoints.go +++ b/service/bcmdataexports/endpoints.go @@ -464,7 +464,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -493,6 +493,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -502,7 +506,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/bcmdataexports/options.go b/service/bcmdataexports/options.go index 396bd2bb7b2..427a207e696 100644 --- a/service/bcmdataexports/options.go +++ b/service/bcmdataexports/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/bedrock/api_client.go b/service/bedrock/api_client.go index bec76d136d7..dfdfadc3ada 100644 --- a/service/bedrock/api_client.go +++ b/service/bedrock/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/bedrock/auth.go b/service/bedrock/auth.go index 5fb4c6956b5..7786c0dbfa7 100644 --- a/service/bedrock/auth.go +++ b/service/bedrock/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/bedrock/endpoints.go b/service/bedrock/endpoints.go index 3434ef052f2..90038c06ba5 100644 --- a/service/bedrock/endpoints.go +++ b/service/bedrock/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/bedrock/options.go b/service/bedrock/options.go index 0faea81e708..c4c847bdf19 100644 --- a/service/bedrock/options.go +++ b/service/bedrock/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/bedrockagent/api_client.go b/service/bedrockagent/api_client.go index 8b8902be1a5..7e51c6f7848 100644 --- a/service/bedrockagent/api_client.go +++ b/service/bedrockagent/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/bedrockagent/auth.go b/service/bedrockagent/auth.go index 0a53cadc7b4..8129674c917 100644 --- a/service/bedrockagent/auth.go +++ b/service/bedrockagent/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/bedrockagent/endpoints.go b/service/bedrockagent/endpoints.go index 068db137928..2635fb2338e 100644 --- a/service/bedrockagent/endpoints.go +++ b/service/bedrockagent/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/bedrockagent/options.go b/service/bedrockagent/options.go index 763f8c1e7d7..ad8fbd22608 100644 --- a/service/bedrockagent/options.go +++ b/service/bedrockagent/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/bedrockagentruntime/api_client.go b/service/bedrockagentruntime/api_client.go index abb0323fcf0..b2bb8bbff5a 100644 --- a/service/bedrockagentruntime/api_client.go +++ b/service/bedrockagentruntime/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -232,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -431,6 +433,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/bedrockagentruntime/auth.go b/service/bedrockagentruntime/auth.go index f7aa5347ff0..3ca34c88555 100644 --- a/service/bedrockagentruntime/auth.go +++ b/service/bedrockagentruntime/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/bedrockagentruntime/endpoints.go b/service/bedrockagentruntime/endpoints.go index b14a1aef363..1faa3fd0c1c 100644 --- a/service/bedrockagentruntime/endpoints.go +++ b/service/bedrockagentruntime/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/bedrockagentruntime/options.go b/service/bedrockagentruntime/options.go index bb0d5954e9c..4c885913dc5 100644 --- a/service/bedrockagentruntime/options.go +++ b/service/bedrockagentruntime/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/bedrockruntime/api_client.go b/service/bedrockruntime/api_client.go index 47a24f54641..e18cebcbe98 100644 --- a/service/bedrockruntime/api_client.go +++ b/service/bedrockruntime/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -232,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -431,6 +433,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/bedrockruntime/auth.go b/service/bedrockruntime/auth.go index e6b3c0bf253..cb01350d06d 100644 --- a/service/bedrockruntime/auth.go +++ b/service/bedrockruntime/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/bedrockruntime/endpoints.go b/service/bedrockruntime/endpoints.go index 91afc6d87a2..1a6a21f5cc3 100644 --- a/service/bedrockruntime/endpoints.go +++ b/service/bedrockruntime/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/bedrockruntime/options.go b/service/bedrockruntime/options.go index 78b258a178b..6eb0c45c8b5 100644 --- a/service/bedrockruntime/options.go +++ b/service/bedrockruntime/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/billingconductor/api_client.go b/service/billingconductor/api_client.go index dbd40fcc41f..5b7542987c2 100644 --- a/service/billingconductor/api_client.go +++ b/service/billingconductor/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/billingconductor/auth.go b/service/billingconductor/auth.go index 1130662d1f3..770b51ba851 100644 --- a/service/billingconductor/auth.go +++ b/service/billingconductor/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/billingconductor/endpoints.go b/service/billingconductor/endpoints.go index f1f840aca11..4a79a8f1f2a 100644 --- a/service/billingconductor/endpoints.go +++ b/service/billingconductor/endpoints.go @@ -474,7 +474,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -504,6 +504,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -513,7 +517,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/billingconductor/options.go b/service/billingconductor/options.go index 7e5c4bf6393..f8a2cb7d3cc 100644 --- a/service/billingconductor/options.go +++ b/service/billingconductor/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/braket/api_client.go b/service/braket/api_client.go index da1a292e9a5..feafae9aa34 100644 --- a/service/braket/api_client.go +++ b/service/braket/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/braket/auth.go b/service/braket/auth.go index 4ae3d36980f..add4444a1aa 100644 --- a/service/braket/auth.go +++ b/service/braket/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/braket/endpoints.go b/service/braket/endpoints.go index 16e5eb1b8cf..d60886bb4cd 100644 --- a/service/braket/endpoints.go +++ b/service/braket/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/braket/options.go b/service/braket/options.go index 6f2478af3c7..6a32887c770 100644 --- a/service/braket/options.go +++ b/service/braket/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/budgets/api_client.go b/service/budgets/api_client.go index 8843511cb78..b5d20074a09 100644 --- a/service/budgets/api_client.go +++ b/service/budgets/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/budgets/auth.go b/service/budgets/auth.go index 9b66a814445..3a3c15c3a82 100644 --- a/service/budgets/auth.go +++ b/service/budgets/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/budgets/endpoints.go b/service/budgets/endpoints.go index ad90204c52c..f8609abcfae 100644 --- a/service/budgets/endpoints.go +++ b/service/budgets/endpoints.go @@ -508,7 +508,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -538,6 +538,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -547,7 +551,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/budgets/options.go b/service/budgets/options.go index d34e144ab4a..c7dcfb96a3e 100644 --- a/service/budgets/options.go +++ b/service/budgets/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/chime/api_client.go b/service/chime/api_client.go index 8990bfd76d9..7b0f6190fa6 100644 --- a/service/chime/api_client.go +++ b/service/chime/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/chime/auth.go b/service/chime/auth.go index 6adcb392e6b..1f3a4df4033 100644 --- a/service/chime/auth.go +++ b/service/chime/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/chime/endpoints.go b/service/chime/endpoints.go index 9e83ed2dba6..658f3345234 100644 --- a/service/chime/endpoints.go +++ b/service/chime/endpoints.go @@ -474,7 +474,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -504,6 +504,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -513,7 +517,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/chime/options.go b/service/chime/options.go index daea71c83fe..a5f729a344b 100644 --- a/service/chime/options.go +++ b/service/chime/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/chimesdkidentity/api_client.go b/service/chimesdkidentity/api_client.go index f5f2f973e19..fb80b8b2e90 100644 --- a/service/chimesdkidentity/api_client.go +++ b/service/chimesdkidentity/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/chimesdkidentity/auth.go b/service/chimesdkidentity/auth.go index 34fbc2694c4..3d492cc0aaa 100644 --- a/service/chimesdkidentity/auth.go +++ b/service/chimesdkidentity/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/chimesdkidentity/endpoints.go b/service/chimesdkidentity/endpoints.go index 9c94dada7a8..9c8dc2cda6d 100644 --- a/service/chimesdkidentity/endpoints.go +++ b/service/chimesdkidentity/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/chimesdkidentity/options.go b/service/chimesdkidentity/options.go index ab06461c37d..da7be41784f 100644 --- a/service/chimesdkidentity/options.go +++ b/service/chimesdkidentity/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/chimesdkmediapipelines/api_client.go b/service/chimesdkmediapipelines/api_client.go index e093b76e616..411bcb18f52 100644 --- a/service/chimesdkmediapipelines/api_client.go +++ b/service/chimesdkmediapipelines/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/chimesdkmediapipelines/auth.go b/service/chimesdkmediapipelines/auth.go index c75bebffd91..326a563cb3f 100644 --- a/service/chimesdkmediapipelines/auth.go +++ b/service/chimesdkmediapipelines/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/chimesdkmediapipelines/endpoints.go b/service/chimesdkmediapipelines/endpoints.go index 58ff887d5a4..773232864dc 100644 --- a/service/chimesdkmediapipelines/endpoints.go +++ b/service/chimesdkmediapipelines/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/chimesdkmediapipelines/options.go b/service/chimesdkmediapipelines/options.go index aa4bc74301a..45d9974da83 100644 --- a/service/chimesdkmediapipelines/options.go +++ b/service/chimesdkmediapipelines/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/chimesdkmeetings/api_client.go b/service/chimesdkmeetings/api_client.go index b7c9704e75d..83b5d81efc3 100644 --- a/service/chimesdkmeetings/api_client.go +++ b/service/chimesdkmeetings/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/chimesdkmeetings/auth.go b/service/chimesdkmeetings/auth.go index 08f48a4239c..ea12eef9234 100644 --- a/service/chimesdkmeetings/auth.go +++ b/service/chimesdkmeetings/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/chimesdkmeetings/endpoints.go b/service/chimesdkmeetings/endpoints.go index 9e9227ea1f8..eddaab68fb7 100644 --- a/service/chimesdkmeetings/endpoints.go +++ b/service/chimesdkmeetings/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/chimesdkmeetings/options.go b/service/chimesdkmeetings/options.go index 4818b1c243b..08fa4aeaf09 100644 --- a/service/chimesdkmeetings/options.go +++ b/service/chimesdkmeetings/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/chimesdkmessaging/api_client.go b/service/chimesdkmessaging/api_client.go index a8dd1bdb2a1..5a43393e9e9 100644 --- a/service/chimesdkmessaging/api_client.go +++ b/service/chimesdkmessaging/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/chimesdkmessaging/auth.go b/service/chimesdkmessaging/auth.go index 715791d49c9..383277542a7 100644 --- a/service/chimesdkmessaging/auth.go +++ b/service/chimesdkmessaging/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/chimesdkmessaging/endpoints.go b/service/chimesdkmessaging/endpoints.go index 57c80aec727..427390ab257 100644 --- a/service/chimesdkmessaging/endpoints.go +++ b/service/chimesdkmessaging/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/chimesdkmessaging/options.go b/service/chimesdkmessaging/options.go index b397f55846c..a6d82bc2bdf 100644 --- a/service/chimesdkmessaging/options.go +++ b/service/chimesdkmessaging/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/chimesdkvoice/api_client.go b/service/chimesdkvoice/api_client.go index 3ca4d86c9c0..d61c99eae88 100644 --- a/service/chimesdkvoice/api_client.go +++ b/service/chimesdkvoice/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/chimesdkvoice/auth.go b/service/chimesdkvoice/auth.go index e5ec8b7d74d..fc9fac3eca4 100644 --- a/service/chimesdkvoice/auth.go +++ b/service/chimesdkvoice/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/chimesdkvoice/endpoints.go b/service/chimesdkvoice/endpoints.go index 3c97bb335a0..81aca9fca18 100644 --- a/service/chimesdkvoice/endpoints.go +++ b/service/chimesdkvoice/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/chimesdkvoice/options.go b/service/chimesdkvoice/options.go index b74af6f12eb..f4f0eb469b5 100644 --- a/service/chimesdkvoice/options.go +++ b/service/chimesdkvoice/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cleanrooms/api_client.go b/service/cleanrooms/api_client.go index e4ea9e6ec13..9794a5bb96b 100644 --- a/service/cleanrooms/api_client.go +++ b/service/cleanrooms/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/cleanrooms/auth.go b/service/cleanrooms/auth.go index b1878f8b06c..2d78dfe06d2 100644 --- a/service/cleanrooms/auth.go +++ b/service/cleanrooms/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cleanrooms/endpoints.go b/service/cleanrooms/endpoints.go index 512fa4ae93e..b80ef7db093 100644 --- a/service/cleanrooms/endpoints.go +++ b/service/cleanrooms/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cleanrooms/options.go b/service/cleanrooms/options.go index 722ec717498..490d062882c 100644 --- a/service/cleanrooms/options.go +++ b/service/cleanrooms/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cleanroomsml/api_client.go b/service/cleanroomsml/api_client.go index c8e761d3e30..9f76aa1ccfd 100644 --- a/service/cleanroomsml/api_client.go +++ b/service/cleanroomsml/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/cleanroomsml/auth.go b/service/cleanroomsml/auth.go index 8cf00fe2d2a..ecba5875f8f 100644 --- a/service/cleanroomsml/auth.go +++ b/service/cleanroomsml/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cleanroomsml/endpoints.go b/service/cleanroomsml/endpoints.go index e2bf7cadd4f..1c4148c643f 100644 --- a/service/cleanroomsml/endpoints.go +++ b/service/cleanroomsml/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cleanroomsml/options.go b/service/cleanroomsml/options.go index cc25fe03792..a651472c5d0 100644 --- a/service/cleanroomsml/options.go +++ b/service/cleanroomsml/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cloud9/api_client.go b/service/cloud9/api_client.go index c728779f732..a8cee65e737 100644 --- a/service/cloud9/api_client.go +++ b/service/cloud9/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/cloud9/auth.go b/service/cloud9/auth.go index 45b8810ca71..9d3d276d2cc 100644 --- a/service/cloud9/auth.go +++ b/service/cloud9/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cloud9/endpoints.go b/service/cloud9/endpoints.go index 4e5dae268b1..9b90a4f97c0 100644 --- a/service/cloud9/endpoints.go +++ b/service/cloud9/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cloud9/options.go b/service/cloud9/options.go index b7b714646a8..497d6362812 100644 --- a/service/cloud9/options.go +++ b/service/cloud9/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cloudcontrol/api_client.go b/service/cloudcontrol/api_client.go index 1c5cdd74055..41dc4972f7b 100644 --- a/service/cloudcontrol/api_client.go +++ b/service/cloudcontrol/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/cloudcontrol/auth.go b/service/cloudcontrol/auth.go index 6c01a7870ca..cf85400e166 100644 --- a/service/cloudcontrol/auth.go +++ b/service/cloudcontrol/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cloudcontrol/endpoints.go b/service/cloudcontrol/endpoints.go index ac92be955d0..d8365f279d0 100644 --- a/service/cloudcontrol/endpoints.go +++ b/service/cloudcontrol/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cloudcontrol/options.go b/service/cloudcontrol/options.go index 10c7257720e..f025c4ef8a3 100644 --- a/service/cloudcontrol/options.go +++ b/service/cloudcontrol/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/clouddirectory/api_client.go b/service/clouddirectory/api_client.go index 823c7231ee0..dd0bf2856f4 100644 --- a/service/clouddirectory/api_client.go +++ b/service/clouddirectory/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/clouddirectory/auth.go b/service/clouddirectory/auth.go index 7ef219219b7..56ab57e0686 100644 --- a/service/clouddirectory/auth.go +++ b/service/clouddirectory/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/clouddirectory/endpoints.go b/service/clouddirectory/endpoints.go index 193bed2d48c..4f8422ac5d6 100644 --- a/service/clouddirectory/endpoints.go +++ b/service/clouddirectory/endpoints.go @@ -458,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,6 +488,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/clouddirectory/options.go b/service/clouddirectory/options.go index 6d320e151e0..86229d7bd27 100644 --- a/service/clouddirectory/options.go +++ b/service/clouddirectory/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cloudformation/api_client.go b/service/cloudformation/api_client.go index 4bbfff117a0..cf4b5a5a8a4 100644 --- a/service/cloudformation/api_client.go +++ b/service/cloudformation/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/cloudformation/auth.go b/service/cloudformation/auth.go index b3ffff854fc..bac265c15d2 100644 --- a/service/cloudformation/auth.go +++ b/service/cloudformation/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cloudformation/endpoints.go b/service/cloudformation/endpoints.go index 753fa15111f..bb420160b6c 100644 --- a/service/cloudformation/endpoints.go +++ b/service/cloudformation/endpoints.go @@ -458,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,6 +488,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cloudformation/options.go b/service/cloudformation/options.go index 5357466b7bd..761fa800299 100644 --- a/service/cloudformation/options.go +++ b/service/cloudformation/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cloudfront/api_client.go b/service/cloudfront/api_client.go index b3ea9db5454..f1f2fdb27f4 100644 --- a/service/cloudfront/api_client.go +++ b/service/cloudfront/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/cloudfront/auth.go b/service/cloudfront/auth.go index 424e6944949..966815b489e 100644 --- a/service/cloudfront/auth.go +++ b/service/cloudfront/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cloudfront/endpoints.go b/service/cloudfront/endpoints.go index 05e2b2e7578..95c1d444fc4 100644 --- a/service/cloudfront/endpoints.go +++ b/service/cloudfront/endpoints.go @@ -542,7 +542,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -572,6 +572,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -581,7 +585,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cloudfront/options.go b/service/cloudfront/options.go index 502c0ce28de..0a9dbc89e49 100644 --- a/service/cloudfront/options.go +++ b/service/cloudfront/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cloudfrontkeyvaluestore/api_client.go b/service/cloudfrontkeyvaluestore/api_client.go index 75335d0829f..503d49eabfe 100644 --- a/service/cloudfrontkeyvaluestore/api_client.go +++ b/service/cloudfrontkeyvaluestore/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/v4a" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -238,15 +239,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -437,6 +439,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + type httpSignerV4a interface { SignHTTP(ctx context.Context, credentials v4a.Credentials, r *http.Request, payloadHash, service string, regionSet []string, signingTime time.Time, @@ -457,6 +471,25 @@ func newDefaultV4aSigner(o Options) *v4a.Signer { }) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/cloudfrontkeyvaluestore/auth.go b/service/cloudfrontkeyvaluestore/auth.go index 67f9115dd7a..c8f22c97ed5 100644 --- a/service/cloudfrontkeyvaluestore/auth.go +++ b/service/cloudfrontkeyvaluestore/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -155,7 +155,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cloudfrontkeyvaluestore/endpoints.go b/service/cloudfrontkeyvaluestore/endpoints.go index e670bf5c278..69de6ddd26f 100644 --- a/service/cloudfrontkeyvaluestore/endpoints.go +++ b/service/cloudfrontkeyvaluestore/endpoints.go @@ -543,7 +543,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -572,6 +572,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -581,7 +585,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cloudfrontkeyvaluestore/options.go b/service/cloudfrontkeyvaluestore/options.go index a3c1d3548ba..3b80eeee443 100644 --- a/service/cloudfrontkeyvaluestore/options.go +++ b/service/cloudfrontkeyvaluestore/options.go @@ -26,6 +26,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cloudhsm/api_client.go b/service/cloudhsm/api_client.go index b05be156506..414927205ba 100644 --- a/service/cloudhsm/api_client.go +++ b/service/cloudhsm/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/cloudhsm/auth.go b/service/cloudhsm/auth.go index af7ba216d1f..f594f5789e0 100644 --- a/service/cloudhsm/auth.go +++ b/service/cloudhsm/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cloudhsm/endpoints.go b/service/cloudhsm/endpoints.go index 8696185954e..dfe3af411b5 100644 --- a/service/cloudhsm/endpoints.go +++ b/service/cloudhsm/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cloudhsm/options.go b/service/cloudhsm/options.go index 9dc12483622..26aff959405 100644 --- a/service/cloudhsm/options.go +++ b/service/cloudhsm/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cloudhsmv2/api_client.go b/service/cloudhsmv2/api_client.go index 2bd421266f8..63f725297db 100644 --- a/service/cloudhsmv2/api_client.go +++ b/service/cloudhsmv2/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/cloudhsmv2/auth.go b/service/cloudhsmv2/auth.go index 50320c77406..eecbfa6932b 100644 --- a/service/cloudhsmv2/auth.go +++ b/service/cloudhsmv2/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cloudhsmv2/endpoints.go b/service/cloudhsmv2/endpoints.go index 756d776a550..11e0a427b16 100644 --- a/service/cloudhsmv2/endpoints.go +++ b/service/cloudhsmv2/endpoints.go @@ -477,7 +477,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -507,6 +507,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -516,7 +520,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cloudhsmv2/options.go b/service/cloudhsmv2/options.go index 44c25a26f27..fe11ec5ffc6 100644 --- a/service/cloudhsmv2/options.go +++ b/service/cloudhsmv2/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cloudsearch/api_client.go b/service/cloudsearch/api_client.go index dadfd2f86e4..b8d356743d0 100644 --- a/service/cloudsearch/api_client.go +++ b/service/cloudsearch/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/cloudsearch/auth.go b/service/cloudsearch/auth.go index 0e18b91c7c5..70343c408e7 100644 --- a/service/cloudsearch/auth.go +++ b/service/cloudsearch/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cloudsearch/endpoints.go b/service/cloudsearch/endpoints.go index 5df55af2f48..8aaed07c664 100644 --- a/service/cloudsearch/endpoints.go +++ b/service/cloudsearch/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cloudsearch/options.go b/service/cloudsearch/options.go index a5d00c96a33..c47386754d4 100644 --- a/service/cloudsearch/options.go +++ b/service/cloudsearch/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cloudsearchdomain/api_client.go b/service/cloudsearchdomain/api_client.go index 7ce19eeff61..f1dd08b7363 100644 --- a/service/cloudsearchdomain/api_client.go +++ b/service/cloudsearchdomain/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/cloudsearchdomain/auth.go b/service/cloudsearchdomain/auth.go index cd60da2b0f8..00a5f0b5216 100644 --- a/service/cloudsearchdomain/auth.go +++ b/service/cloudsearchdomain/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cloudsearchdomain/endpoints.go b/service/cloudsearchdomain/endpoints.go index 909496715b3..0a7a4d36861 100644 --- a/service/cloudsearchdomain/endpoints.go +++ b/service/cloudsearchdomain/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cloudsearchdomain/options.go b/service/cloudsearchdomain/options.go index 5858235da40..ec7ef5c6e3b 100644 --- a/service/cloudsearchdomain/options.go +++ b/service/cloudsearchdomain/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cloudtrail/api_client.go b/service/cloudtrail/api_client.go index 7ea04f926e4..2ef96fef5b6 100644 --- a/service/cloudtrail/api_client.go +++ b/service/cloudtrail/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/cloudtrail/auth.go b/service/cloudtrail/auth.go index 866b0958eba..f656ca0b705 100644 --- a/service/cloudtrail/auth.go +++ b/service/cloudtrail/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cloudtrail/endpoints.go b/service/cloudtrail/endpoints.go index eb9b4c08d50..ebc349aec04 100644 --- a/service/cloudtrail/endpoints.go +++ b/service/cloudtrail/endpoints.go @@ -465,7 +465,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -495,6 +495,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -504,7 +508,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cloudtrail/options.go b/service/cloudtrail/options.go index 3f41deae494..556f9168116 100644 --- a/service/cloudtrail/options.go +++ b/service/cloudtrail/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cloudtraildata/api_client.go b/service/cloudtraildata/api_client.go index 3f796feb2e0..a33b827553c 100644 --- a/service/cloudtraildata/api_client.go +++ b/service/cloudtraildata/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/cloudtraildata/auth.go b/service/cloudtraildata/auth.go index ffae409d45c..ad815f05eb3 100644 --- a/service/cloudtraildata/auth.go +++ b/service/cloudtraildata/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cloudtraildata/endpoints.go b/service/cloudtraildata/endpoints.go index 1850b0532a1..3ce0d34e8e6 100644 --- a/service/cloudtraildata/endpoints.go +++ b/service/cloudtraildata/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cloudtraildata/options.go b/service/cloudtraildata/options.go index e483254413e..bd8e40347d0 100644 --- a/service/cloudtraildata/options.go +++ b/service/cloudtraildata/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cloudwatch/api_client.go b/service/cloudwatch/api_client.go index 4159dba3b36..4fc8e5fec73 100644 --- a/service/cloudwatch/api_client.go +++ b/service/cloudwatch/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/cloudwatch/auth.go b/service/cloudwatch/auth.go index d7dd29021ef..15b28e8e249 100644 --- a/service/cloudwatch/auth.go +++ b/service/cloudwatch/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cloudwatch/endpoints.go b/service/cloudwatch/endpoints.go index a0496b79974..f546edb2007 100644 --- a/service/cloudwatch/endpoints.go +++ b/service/cloudwatch/endpoints.go @@ -458,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,6 +488,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cloudwatch/options.go b/service/cloudwatch/options.go index 69a23e5125d..1fe4e119dba 100644 --- a/service/cloudwatch/options.go +++ b/service/cloudwatch/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cloudwatchevents/api_client.go b/service/cloudwatchevents/api_client.go index ffebc2f7d21..44a6c550fd6 100644 --- a/service/cloudwatchevents/api_client.go +++ b/service/cloudwatchevents/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/cloudwatchevents/auth.go b/service/cloudwatchevents/auth.go index 54b6cf2b251..fd96512da64 100644 --- a/service/cloudwatchevents/auth.go +++ b/service/cloudwatchevents/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cloudwatchevents/endpoints.go b/service/cloudwatchevents/endpoints.go index 3bad8bd1879..4a41311f73e 100644 --- a/service/cloudwatchevents/endpoints.go +++ b/service/cloudwatchevents/endpoints.go @@ -465,7 +465,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -495,6 +495,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -504,7 +508,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cloudwatchevents/options.go b/service/cloudwatchevents/options.go index 2552376ac33..09bcdab7c1e 100644 --- a/service/cloudwatchevents/options.go +++ b/service/cloudwatchevents/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cloudwatchlogs/api_client.go b/service/cloudwatchlogs/api_client.go index 62a3f467aae..72368f3ba45 100644 --- a/service/cloudwatchlogs/api_client.go +++ b/service/cloudwatchlogs/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -442,6 +444,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/cloudwatchlogs/auth.go b/service/cloudwatchlogs/auth.go index fff49614c8a..5f0a3695fa8 100644 --- a/service/cloudwatchlogs/auth.go +++ b/service/cloudwatchlogs/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cloudwatchlogs/endpoints.go b/service/cloudwatchlogs/endpoints.go index 2fa86090a7a..a3e6c869cec 100644 --- a/service/cloudwatchlogs/endpoints.go +++ b/service/cloudwatchlogs/endpoints.go @@ -465,7 +465,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -495,6 +495,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -504,7 +508,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cloudwatchlogs/options.go b/service/cloudwatchlogs/options.go index 33256f3d76f..672159912e2 100644 --- a/service/cloudwatchlogs/options.go +++ b/service/cloudwatchlogs/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/codeartifact/api_client.go b/service/codeartifact/api_client.go index e4c0f80c862..304bad24c03 100644 --- a/service/codeartifact/api_client.go +++ b/service/codeartifact/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/codeartifact/auth.go b/service/codeartifact/auth.go index e3c5ce4848c..2dda61e1752 100644 --- a/service/codeartifact/auth.go +++ b/service/codeartifact/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/codeartifact/endpoints.go b/service/codeartifact/endpoints.go index 286fb5bed7f..aed248b6e4e 100644 --- a/service/codeartifact/endpoints.go +++ b/service/codeartifact/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/codeartifact/options.go b/service/codeartifact/options.go index 5e5558ae758..e7f13517730 100644 --- a/service/codeartifact/options.go +++ b/service/codeartifact/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/codebuild/api_client.go b/service/codebuild/api_client.go index 5d03878e2f6..dedacb96f8e 100644 --- a/service/codebuild/api_client.go +++ b/service/codebuild/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/codebuild/auth.go b/service/codebuild/auth.go index ee3a0c5363b..fa2a88aec55 100644 --- a/service/codebuild/auth.go +++ b/service/codebuild/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/codebuild/endpoints.go b/service/codebuild/endpoints.go index f4390be34e5..3e1be49c3f3 100644 --- a/service/codebuild/endpoints.go +++ b/service/codebuild/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/codebuild/options.go b/service/codebuild/options.go index c8dce451d25..0c30d486668 100644 --- a/service/codebuild/options.go +++ b/service/codebuild/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/codecatalyst/api_client.go b/service/codecatalyst/api_client.go index b8e5c800548..915d900b667 100644 --- a/service/codecatalyst/api_client.go +++ b/service/codecatalyst/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" "github.com/aws/smithy-go/auth/bearer" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" @@ -235,6 +236,7 @@ func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { Logger: cfg.Logger, ClientLogMode: cfg.ClientLogMode, AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -414,6 +416,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func resolveBearerAuthSigner(o *Options) { if o.BearerAuthSigner != nil { return @@ -424,6 +438,25 @@ func newDefaultBearerAuthSigner(o Options) bearer.Signer { return bearer.NewSignHTTPSMessage() } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/codecatalyst/auth.go b/service/codecatalyst/auth.go index 862bbdb5a8f..2dc67d6ef04 100644 --- a/service/codecatalyst/auth.go +++ b/service/codecatalyst/auth.go @@ -83,7 +83,7 @@ type AuthResolverParameters struct { Operation string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } @@ -128,7 +128,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/codecatalyst/endpoints.go b/service/codecatalyst/endpoints.go index ab326a9612a..23db1f26501 100644 --- a/service/codecatalyst/endpoints.go +++ b/service/codecatalyst/endpoints.go @@ -403,7 +403,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.UseFIPS = aws.Bool(options.EndpointOptions.UseFIPSEndpoint == aws.FIPSEndpointStateEnabled) @@ -432,6 +432,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -441,7 +445,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/codecatalyst/options.go b/service/codecatalyst/options.go index 742da5bef2f..3901da3e982 100644 --- a/service/codecatalyst/options.go +++ b/service/codecatalyst/options.go @@ -23,6 +23,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/codecommit/api_client.go b/service/codecommit/api_client.go index bb5d92ffd86..bd4c8f60c82 100644 --- a/service/codecommit/api_client.go +++ b/service/codecommit/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/codecommit/auth.go b/service/codecommit/auth.go index 4d144c4122b..a18c605e5f5 100644 --- a/service/codecommit/auth.go +++ b/service/codecommit/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/codecommit/endpoints.go b/service/codecommit/endpoints.go index db1274070f4..bcbcbe4efd8 100644 --- a/service/codecommit/endpoints.go +++ b/service/codecommit/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/codecommit/options.go b/service/codecommit/options.go index 22ae7feaed4..1441def37b7 100644 --- a/service/codecommit/options.go +++ b/service/codecommit/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/codedeploy/api_client.go b/service/codedeploy/api_client.go index a02a5633fb3..da9b62802e1 100644 --- a/service/codedeploy/api_client.go +++ b/service/codedeploy/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/codedeploy/auth.go b/service/codedeploy/auth.go index cd85dfc6595..c52fe887c15 100644 --- a/service/codedeploy/auth.go +++ b/service/codedeploy/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/codedeploy/endpoints.go b/service/codedeploy/endpoints.go index d2c3e72fbd3..c089a687e68 100644 --- a/service/codedeploy/endpoints.go +++ b/service/codedeploy/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/codedeploy/options.go b/service/codedeploy/options.go index 33557f60913..454d3affc16 100644 --- a/service/codedeploy/options.go +++ b/service/codedeploy/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/codeguruprofiler/api_client.go b/service/codeguruprofiler/api_client.go index 18790253d25..2497d454c17 100644 --- a/service/codeguruprofiler/api_client.go +++ b/service/codeguruprofiler/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/codeguruprofiler/auth.go b/service/codeguruprofiler/auth.go index 60053ae5d0b..4dfbe80607f 100644 --- a/service/codeguruprofiler/auth.go +++ b/service/codeguruprofiler/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/codeguruprofiler/endpoints.go b/service/codeguruprofiler/endpoints.go index ce825515cbb..25043e825d9 100644 --- a/service/codeguruprofiler/endpoints.go +++ b/service/codeguruprofiler/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/codeguruprofiler/options.go b/service/codeguruprofiler/options.go index 79b4bbbc346..58008404467 100644 --- a/service/codeguruprofiler/options.go +++ b/service/codeguruprofiler/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/codegurureviewer/api_client.go b/service/codegurureviewer/api_client.go index bd0e6c520fb..3f6048106fa 100644 --- a/service/codegurureviewer/api_client.go +++ b/service/codegurureviewer/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/codegurureviewer/auth.go b/service/codegurureviewer/auth.go index 3987f2f0511..3423f231138 100644 --- a/service/codegurureviewer/auth.go +++ b/service/codegurureviewer/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/codegurureviewer/endpoints.go b/service/codegurureviewer/endpoints.go index 495e43dd1e4..c6b2cef5c31 100644 --- a/service/codegurureviewer/endpoints.go +++ b/service/codegurureviewer/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/codegurureviewer/options.go b/service/codegurureviewer/options.go index e2323cec481..e08bb20ce4f 100644 --- a/service/codegurureviewer/options.go +++ b/service/codegurureviewer/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/codegurusecurity/api_client.go b/service/codegurusecurity/api_client.go index 76aefb15708..fb2f368679c 100644 --- a/service/codegurusecurity/api_client.go +++ b/service/codegurusecurity/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/codegurusecurity/auth.go b/service/codegurusecurity/auth.go index 3b9d0dd4893..c8796af748d 100644 --- a/service/codegurusecurity/auth.go +++ b/service/codegurusecurity/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/codegurusecurity/endpoints.go b/service/codegurusecurity/endpoints.go index 7852e5b7683..2ffff351edb 100644 --- a/service/codegurusecurity/endpoints.go +++ b/service/codegurusecurity/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/codegurusecurity/options.go b/service/codegurusecurity/options.go index bd97b809f04..488ed45360e 100644 --- a/service/codegurusecurity/options.go +++ b/service/codegurusecurity/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/codepipeline/api_client.go b/service/codepipeline/api_client.go index 708d6e42b19..7684e8fefcf 100644 --- a/service/codepipeline/api_client.go +++ b/service/codepipeline/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/codepipeline/auth.go b/service/codepipeline/auth.go index 9cc55014388..8eaa4351ae3 100644 --- a/service/codepipeline/auth.go +++ b/service/codepipeline/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/codepipeline/endpoints.go b/service/codepipeline/endpoints.go index 3984ae8e185..a968be7dc9e 100644 --- a/service/codepipeline/endpoints.go +++ b/service/codepipeline/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/codepipeline/options.go b/service/codepipeline/options.go index 4d6c61126da..b530639449f 100644 --- a/service/codepipeline/options.go +++ b/service/codepipeline/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/codestar/api_client.go b/service/codestar/api_client.go index 0c7a7dc55c1..9db96cb35d8 100644 --- a/service/codestar/api_client.go +++ b/service/codestar/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/codestar/auth.go b/service/codestar/auth.go index 4b96c0ebcd5..d1458c7736b 100644 --- a/service/codestar/auth.go +++ b/service/codestar/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/codestar/endpoints.go b/service/codestar/endpoints.go index bc7c4efa36a..41d580f8958 100644 --- a/service/codestar/endpoints.go +++ b/service/codestar/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/codestar/options.go b/service/codestar/options.go index eb0b3a3769d..91bb5abeb08 100644 --- a/service/codestar/options.go +++ b/service/codestar/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/codestarconnections/api_client.go b/service/codestarconnections/api_client.go index 9ebc922b780..45ee5f6ac4d 100644 --- a/service/codestarconnections/api_client.go +++ b/service/codestarconnections/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/codestarconnections/auth.go b/service/codestarconnections/auth.go index 702ad6f1f30..38c90bb2e8b 100644 --- a/service/codestarconnections/auth.go +++ b/service/codestarconnections/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/codestarconnections/endpoints.go b/service/codestarconnections/endpoints.go index c2f6605d60e..94ba176871f 100644 --- a/service/codestarconnections/endpoints.go +++ b/service/codestarconnections/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/codestarconnections/options.go b/service/codestarconnections/options.go index a6b2a51cc33..d9088afbaa2 100644 --- a/service/codestarconnections/options.go +++ b/service/codestarconnections/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/codestarnotifications/api_client.go b/service/codestarnotifications/api_client.go index 089831e8323..9fb3aed7605 100644 --- a/service/codestarnotifications/api_client.go +++ b/service/codestarnotifications/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/codestarnotifications/auth.go b/service/codestarnotifications/auth.go index 5c32b160d4e..fe202879849 100644 --- a/service/codestarnotifications/auth.go +++ b/service/codestarnotifications/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/codestarnotifications/endpoints.go b/service/codestarnotifications/endpoints.go index 9463a593e2a..8657402ce37 100644 --- a/service/codestarnotifications/endpoints.go +++ b/service/codestarnotifications/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/codestarnotifications/options.go b/service/codestarnotifications/options.go index 589676ba4fe..450fce2e7d3 100644 --- a/service/codestarnotifications/options.go +++ b/service/codestarnotifications/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cognitoidentity/api_client.go b/service/cognitoidentity/api_client.go index 5831e373997..f6d043c1c6a 100644 --- a/service/cognitoidentity/api_client.go +++ b/service/cognitoidentity/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/cognitoidentity/auth.go b/service/cognitoidentity/auth.go index 6bf60c37e84..9e7ad82f834 100644 --- a/service/cognitoidentity/auth.go +++ b/service/cognitoidentity/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -169,7 +169,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cognitoidentity/endpoints.go b/service/cognitoidentity/endpoints.go index 65a4850f2ec..7ffcbce2a74 100644 --- a/service/cognitoidentity/endpoints.go +++ b/service/cognitoidentity/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cognitoidentity/options.go b/service/cognitoidentity/options.go index 118fe1e4b11..c26ec1e9835 100644 --- a/service/cognitoidentity/options.go +++ b/service/cognitoidentity/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cognitoidentityprovider/api_client.go b/service/cognitoidentityprovider/api_client.go index 8c094e0cbf4..c8fa6b10e38 100644 --- a/service/cognitoidentityprovider/api_client.go +++ b/service/cognitoidentityprovider/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/cognitoidentityprovider/auth.go b/service/cognitoidentityprovider/auth.go index 471f9d2bfcf..c8821dc49f8 100644 --- a/service/cognitoidentityprovider/auth.go +++ b/service/cognitoidentityprovider/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -301,7 +301,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cognitoidentityprovider/endpoints.go b/service/cognitoidentityprovider/endpoints.go index 5bf48df1994..4148eb11ddd 100644 --- a/service/cognitoidentityprovider/endpoints.go +++ b/service/cognitoidentityprovider/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cognitoidentityprovider/options.go b/service/cognitoidentityprovider/options.go index ee635438352..7c46e58c381 100644 --- a/service/cognitoidentityprovider/options.go +++ b/service/cognitoidentityprovider/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/cognitosync/api_client.go b/service/cognitosync/api_client.go index cd952a6973b..70891497d9d 100644 --- a/service/cognitosync/api_client.go +++ b/service/cognitosync/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/cognitosync/auth.go b/service/cognitosync/auth.go index 9d24d23ea32..13d21dd1f2e 100644 --- a/service/cognitosync/auth.go +++ b/service/cognitosync/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/cognitosync/endpoints.go b/service/cognitosync/endpoints.go index 809ba37fe0f..1435069efb8 100644 --- a/service/cognitosync/endpoints.go +++ b/service/cognitosync/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/cognitosync/options.go b/service/cognitosync/options.go index f8e75f64a9c..1fdf59318ff 100644 --- a/service/cognitosync/options.go +++ b/service/cognitosync/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/comprehend/api_client.go b/service/comprehend/api_client.go index 5b87feeed5c..1a7cacb3c94 100644 --- a/service/comprehend/api_client.go +++ b/service/comprehend/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/comprehend/auth.go b/service/comprehend/auth.go index 0991e047085..9d85cab50d1 100644 --- a/service/comprehend/auth.go +++ b/service/comprehend/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/comprehend/endpoints.go b/service/comprehend/endpoints.go index 1d9983cb054..d1147d4eb85 100644 --- a/service/comprehend/endpoints.go +++ b/service/comprehend/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/comprehend/options.go b/service/comprehend/options.go index 0c234fdb245..5e1a1605ee9 100644 --- a/service/comprehend/options.go +++ b/service/comprehend/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/comprehendmedical/api_client.go b/service/comprehendmedical/api_client.go index 7cf4131074d..e15ad8bf80b 100644 --- a/service/comprehendmedical/api_client.go +++ b/service/comprehendmedical/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/comprehendmedical/auth.go b/service/comprehendmedical/auth.go index 6323342ed08..7a0b94157f5 100644 --- a/service/comprehendmedical/auth.go +++ b/service/comprehendmedical/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/comprehendmedical/endpoints.go b/service/comprehendmedical/endpoints.go index 2f7211b3f50..90cc67abdf1 100644 --- a/service/comprehendmedical/endpoints.go +++ b/service/comprehendmedical/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/comprehendmedical/options.go b/service/comprehendmedical/options.go index 35f3814474e..39267a50576 100644 --- a/service/comprehendmedical/options.go +++ b/service/comprehendmedical/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/computeoptimizer/api_client.go b/service/computeoptimizer/api_client.go index d4667e3c36c..d8db2c8a84d 100644 --- a/service/computeoptimizer/api_client.go +++ b/service/computeoptimizer/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/computeoptimizer/auth.go b/service/computeoptimizer/auth.go index 29c7c72065d..8a392625573 100644 --- a/service/computeoptimizer/auth.go +++ b/service/computeoptimizer/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/computeoptimizer/endpoints.go b/service/computeoptimizer/endpoints.go index 4553acbed43..b373f2e0c19 100644 --- a/service/computeoptimizer/endpoints.go +++ b/service/computeoptimizer/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/computeoptimizer/options.go b/service/computeoptimizer/options.go index 4de24e20256..0b794c2112f 100644 --- a/service/computeoptimizer/options.go +++ b/service/computeoptimizer/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/configservice/api_client.go b/service/configservice/api_client.go index 3e7c6b33026..4f3eaf700f6 100644 --- a/service/configservice/api_client.go +++ b/service/configservice/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/configservice/auth.go b/service/configservice/auth.go index 65dcd4a3e63..25462d290e5 100644 --- a/service/configservice/auth.go +++ b/service/configservice/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/configservice/endpoints.go b/service/configservice/endpoints.go index 48ed41a974d..5a743006e9b 100644 --- a/service/configservice/endpoints.go +++ b/service/configservice/endpoints.go @@ -458,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,6 +488,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/configservice/options.go b/service/configservice/options.go index 0d4c3c628c3..cae68ceb357 100644 --- a/service/configservice/options.go +++ b/service/configservice/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/connect/api_client.go b/service/connect/api_client.go index 30fe7e1077e..1acecc53e8e 100644 --- a/service/connect/api_client.go +++ b/service/connect/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/connect/auth.go b/service/connect/auth.go index 9800a81735e..1098b51f159 100644 --- a/service/connect/auth.go +++ b/service/connect/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/connect/endpoints.go b/service/connect/endpoints.go index eeeeff7aea0..db5d4c2311b 100644 --- a/service/connect/endpoints.go +++ b/service/connect/endpoints.go @@ -458,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,6 +488,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/connect/options.go b/service/connect/options.go index 637a92c76a4..91b55e48a8e 100644 --- a/service/connect/options.go +++ b/service/connect/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/connectcampaigns/api_client.go b/service/connectcampaigns/api_client.go index 1e7ccbb025f..e63228eae79 100644 --- a/service/connectcampaigns/api_client.go +++ b/service/connectcampaigns/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/connectcampaigns/auth.go b/service/connectcampaigns/auth.go index f6737cde3fb..99865d48c13 100644 --- a/service/connectcampaigns/auth.go +++ b/service/connectcampaigns/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/connectcampaigns/endpoints.go b/service/connectcampaigns/endpoints.go index b75c0f944dc..57e2cb67777 100644 --- a/service/connectcampaigns/endpoints.go +++ b/service/connectcampaigns/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/connectcampaigns/options.go b/service/connectcampaigns/options.go index 9a90478641f..b7d65bb61c1 100644 --- a/service/connectcampaigns/options.go +++ b/service/connectcampaigns/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/connectcases/api_client.go b/service/connectcases/api_client.go index b8752124bf3..97886f77b4c 100644 --- a/service/connectcases/api_client.go +++ b/service/connectcases/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/connectcases/auth.go b/service/connectcases/auth.go index 91fffcf9baf..3691e969182 100644 --- a/service/connectcases/auth.go +++ b/service/connectcases/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/connectcases/endpoints.go b/service/connectcases/endpoints.go index 6e51331f205..f45114c8271 100644 --- a/service/connectcases/endpoints.go +++ b/service/connectcases/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/connectcases/options.go b/service/connectcases/options.go index ad2305f38de..ef2a397d46c 100644 --- a/service/connectcases/options.go +++ b/service/connectcases/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/connectcontactlens/api_client.go b/service/connectcontactlens/api_client.go index 081d036414b..ba0100f28b3 100644 --- a/service/connectcontactlens/api_client.go +++ b/service/connectcontactlens/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/connectcontactlens/auth.go b/service/connectcontactlens/auth.go index 76699d95ae2..3f546f7d89e 100644 --- a/service/connectcontactlens/auth.go +++ b/service/connectcontactlens/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/connectcontactlens/endpoints.go b/service/connectcontactlens/endpoints.go index ba9f3fd4528..8f172684077 100644 --- a/service/connectcontactlens/endpoints.go +++ b/service/connectcontactlens/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/connectcontactlens/options.go b/service/connectcontactlens/options.go index fbbeed58bba..4c12fb37caa 100644 --- a/service/connectcontactlens/options.go +++ b/service/connectcontactlens/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/connectparticipant/api_client.go b/service/connectparticipant/api_client.go index eda4f324775..752d927bc2d 100644 --- a/service/connectparticipant/api_client.go +++ b/service/connectparticipant/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/connectparticipant/auth.go b/service/connectparticipant/auth.go index f2e851a706f..114a0777e65 100644 --- a/service/connectparticipant/auth.go +++ b/service/connectparticipant/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/connectparticipant/endpoints.go b/service/connectparticipant/endpoints.go index e4c4874a2fd..14c158f532d 100644 --- a/service/connectparticipant/endpoints.go +++ b/service/connectparticipant/endpoints.go @@ -458,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,6 +488,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/connectparticipant/options.go b/service/connectparticipant/options.go index 014b8e0bd42..c6c76684997 100644 --- a/service/connectparticipant/options.go +++ b/service/connectparticipant/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/controltower/api_client.go b/service/controltower/api_client.go index 9f75b82fb0b..bbbe76d49fa 100644 --- a/service/controltower/api_client.go +++ b/service/controltower/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/controltower/auth.go b/service/controltower/auth.go index f8b61c05704..fa2e5b92dc6 100644 --- a/service/controltower/auth.go +++ b/service/controltower/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/controltower/endpoints.go b/service/controltower/endpoints.go index ab6b4e1ef08..da3a1c0b65b 100644 --- a/service/controltower/endpoints.go +++ b/service/controltower/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/controltower/options.go b/service/controltower/options.go index b4a656b1f8d..5005dbf5f18 100644 --- a/service/controltower/options.go +++ b/service/controltower/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/costandusagereportservice/api_client.go b/service/costandusagereportservice/api_client.go index 5a9f088fe7d..a93446f37ce 100644 --- a/service/costandusagereportservice/api_client.go +++ b/service/costandusagereportservice/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/costandusagereportservice/auth.go b/service/costandusagereportservice/auth.go index 9bb25de4d39..552674b68d9 100644 --- a/service/costandusagereportservice/auth.go +++ b/service/costandusagereportservice/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/costandusagereportservice/endpoints.go b/service/costandusagereportservice/endpoints.go index 63924343e1b..a715abd0b24 100644 --- a/service/costandusagereportservice/endpoints.go +++ b/service/costandusagereportservice/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/costandusagereportservice/options.go b/service/costandusagereportservice/options.go index 7efede34119..9afa360c1e8 100644 --- a/service/costandusagereportservice/options.go +++ b/service/costandusagereportservice/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/costexplorer/api_client.go b/service/costexplorer/api_client.go index 6512bc3aadb..713cbf07bc8 100644 --- a/service/costexplorer/api_client.go +++ b/service/costexplorer/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/costexplorer/auth.go b/service/costexplorer/auth.go index d04e0be26e3..a26fb2a409b 100644 --- a/service/costexplorer/auth.go +++ b/service/costexplorer/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/costexplorer/endpoints.go b/service/costexplorer/endpoints.go index 30e05cfe84a..293678e53b5 100644 --- a/service/costexplorer/endpoints.go +++ b/service/costexplorer/endpoints.go @@ -508,7 +508,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -538,6 +538,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -547,7 +551,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/costexplorer/options.go b/service/costexplorer/options.go index 7303fa50a6e..14edefe7746 100644 --- a/service/costexplorer/options.go +++ b/service/costexplorer/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/costoptimizationhub/api_client.go b/service/costoptimizationhub/api_client.go index 324177d268f..01ba146c27c 100644 --- a/service/costoptimizationhub/api_client.go +++ b/service/costoptimizationhub/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/costoptimizationhub/auth.go b/service/costoptimizationhub/auth.go index 001ffd03fa6..e37f21a3169 100644 --- a/service/costoptimizationhub/auth.go +++ b/service/costoptimizationhub/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/costoptimizationhub/endpoints.go b/service/costoptimizationhub/endpoints.go index 5b4f3ed2e12..76eaa709097 100644 --- a/service/costoptimizationhub/endpoints.go +++ b/service/costoptimizationhub/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/costoptimizationhub/options.go b/service/costoptimizationhub/options.go index 3f035a3ed94..685300daf11 100644 --- a/service/costoptimizationhub/options.go +++ b/service/costoptimizationhub/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/customerprofiles/api_client.go b/service/customerprofiles/api_client.go index 18b06256da3..efb6aca7f8c 100644 --- a/service/customerprofiles/api_client.go +++ b/service/customerprofiles/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/customerprofiles/auth.go b/service/customerprofiles/auth.go index 0c0672b1aa5..7bcd862cab3 100644 --- a/service/customerprofiles/auth.go +++ b/service/customerprofiles/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/customerprofiles/endpoints.go b/service/customerprofiles/endpoints.go index b6135174dd6..ae98f0784a4 100644 --- a/service/customerprofiles/endpoints.go +++ b/service/customerprofiles/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/customerprofiles/options.go b/service/customerprofiles/options.go index a35d77298a9..9d6c84e3d14 100644 --- a/service/customerprofiles/options.go +++ b/service/customerprofiles/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/databasemigrationservice/api_client.go b/service/databasemigrationservice/api_client.go index e2fa662bb3d..444e25c477a 100644 --- a/service/databasemigrationservice/api_client.go +++ b/service/databasemigrationservice/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/databasemigrationservice/auth.go b/service/databasemigrationservice/auth.go index ddb9776b960..b4a6ba939d9 100644 --- a/service/databasemigrationservice/auth.go +++ b/service/databasemigrationservice/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/databasemigrationservice/endpoints.go b/service/databasemigrationservice/endpoints.go index b0b1214bf45..06dcc829b99 100644 --- a/service/databasemigrationservice/endpoints.go +++ b/service/databasemigrationservice/endpoints.go @@ -496,7 +496,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -526,6 +526,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -535,7 +539,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/databasemigrationservice/options.go b/service/databasemigrationservice/options.go index 58bf0bb961d..6c02059703b 100644 --- a/service/databasemigrationservice/options.go +++ b/service/databasemigrationservice/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/databrew/api_client.go b/service/databrew/api_client.go index 59108ee9493..741c1c3fe13 100644 --- a/service/databrew/api_client.go +++ b/service/databrew/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/databrew/auth.go b/service/databrew/auth.go index e4f3cc319fb..c2e1e22d01a 100644 --- a/service/databrew/auth.go +++ b/service/databrew/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/databrew/endpoints.go b/service/databrew/endpoints.go index c61e4658d54..b18bf5e7514 100644 --- a/service/databrew/endpoints.go +++ b/service/databrew/endpoints.go @@ -452,7 +452,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -482,6 +482,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -491,7 +495,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/databrew/options.go b/service/databrew/options.go index ce023fb8984..87b53428c84 100644 --- a/service/databrew/options.go +++ b/service/databrew/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/dataexchange/api_client.go b/service/dataexchange/api_client.go index d64eb547ab4..f17d4779e4b 100644 --- a/service/dataexchange/api_client.go +++ b/service/dataexchange/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/dataexchange/auth.go b/service/dataexchange/auth.go index e7b87cb1b16..7dfe40dbf45 100644 --- a/service/dataexchange/auth.go +++ b/service/dataexchange/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/dataexchange/endpoints.go b/service/dataexchange/endpoints.go index 2870a89efbc..009b3c43fae 100644 --- a/service/dataexchange/endpoints.go +++ b/service/dataexchange/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/dataexchange/options.go b/service/dataexchange/options.go index e2a2012d48c..1385723dcb2 100644 --- a/service/dataexchange/options.go +++ b/service/dataexchange/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/datapipeline/api_client.go b/service/datapipeline/api_client.go index 60d6709fd88..33ffd261b87 100644 --- a/service/datapipeline/api_client.go +++ b/service/datapipeline/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/datapipeline/auth.go b/service/datapipeline/auth.go index 95dc8ef9793..d2a45fd6fd8 100644 --- a/service/datapipeline/auth.go +++ b/service/datapipeline/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/datapipeline/endpoints.go b/service/datapipeline/endpoints.go index 231af8c46ce..dcd7df293b4 100644 --- a/service/datapipeline/endpoints.go +++ b/service/datapipeline/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/datapipeline/options.go b/service/datapipeline/options.go index 74ee6db58a9..4f38a53c393 100644 --- a/service/datapipeline/options.go +++ b/service/datapipeline/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/datasync/api_client.go b/service/datasync/api_client.go index 0f913672e4a..e5bbd834e93 100644 --- a/service/datasync/api_client.go +++ b/service/datasync/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/datasync/auth.go b/service/datasync/auth.go index 32b6fa29edb..3fe3da67fad 100644 --- a/service/datasync/auth.go +++ b/service/datasync/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/datasync/endpoints.go b/service/datasync/endpoints.go index 3e14905e93b..db63df9da72 100644 --- a/service/datasync/endpoints.go +++ b/service/datasync/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/datasync/options.go b/service/datasync/options.go index 454e8cedd9e..1b54fde4d4d 100644 --- a/service/datasync/options.go +++ b/service/datasync/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/datazone/api_client.go b/service/datazone/api_client.go index eaf9c878622..783a9829e8a 100644 --- a/service/datazone/api_client.go +++ b/service/datazone/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/datazone/auth.go b/service/datazone/auth.go index c47c550f373..a6617fe91d0 100644 --- a/service/datazone/auth.go +++ b/service/datazone/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/datazone/endpoints.go b/service/datazone/endpoints.go index 70197fa2ef1..9199e085137 100644 --- a/service/datazone/endpoints.go +++ b/service/datazone/endpoints.go @@ -411,7 +411,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -440,6 +440,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -449,7 +453,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/datazone/options.go b/service/datazone/options.go index 5d525a95222..603009375d9 100644 --- a/service/datazone/options.go +++ b/service/datazone/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/dax/api_client.go b/service/dax/api_client.go index 8217caf2a8e..5f7190de1b9 100644 --- a/service/dax/api_client.go +++ b/service/dax/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/dax/auth.go b/service/dax/auth.go index 06101460ce0..cefb5cb4f13 100644 --- a/service/dax/auth.go +++ b/service/dax/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/dax/endpoints.go b/service/dax/endpoints.go index b08ff7484a4..99c5b64d8e8 100644 --- a/service/dax/endpoints.go +++ b/service/dax/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/dax/options.go b/service/dax/options.go index 4694ed39c0d..fb78f9973d0 100644 --- a/service/dax/options.go +++ b/service/dax/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/detective/api_client.go b/service/detective/api_client.go index 38bcebc6697..ecc1a75bdd9 100644 --- a/service/detective/api_client.go +++ b/service/detective/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/detective/auth.go b/service/detective/auth.go index 58b15c470da..a14ea5d278e 100644 --- a/service/detective/auth.go +++ b/service/detective/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/detective/endpoints.go b/service/detective/endpoints.go index 4b2b271f06e..77fbc237a85 100644 --- a/service/detective/endpoints.go +++ b/service/detective/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/detective/options.go b/service/detective/options.go index 044d87d1e20..19fd622703f 100644 --- a/service/detective/options.go +++ b/service/detective/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/devicefarm/api_client.go b/service/devicefarm/api_client.go index 1ec7b650a63..fa6c8d55b93 100644 --- a/service/devicefarm/api_client.go +++ b/service/devicefarm/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/devicefarm/auth.go b/service/devicefarm/auth.go index a40d222f577..f59066a7def 100644 --- a/service/devicefarm/auth.go +++ b/service/devicefarm/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/devicefarm/endpoints.go b/service/devicefarm/endpoints.go index a8cc90aa0b2..4960e741953 100644 --- a/service/devicefarm/endpoints.go +++ b/service/devicefarm/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/devicefarm/options.go b/service/devicefarm/options.go index 6ea0d54a1ed..2c3b08fc0ac 100644 --- a/service/devicefarm/options.go +++ b/service/devicefarm/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/devopsguru/api_client.go b/service/devopsguru/api_client.go index 9e9755a8dd3..3d64065e9c5 100644 --- a/service/devopsguru/api_client.go +++ b/service/devopsguru/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/devopsguru/auth.go b/service/devopsguru/auth.go index 1ee379495c4..f4429929e20 100644 --- a/service/devopsguru/auth.go +++ b/service/devopsguru/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/devopsguru/endpoints.go b/service/devopsguru/endpoints.go index 804ef6ab78e..b007c1a5f5a 100644 --- a/service/devopsguru/endpoints.go +++ b/service/devopsguru/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/devopsguru/options.go b/service/devopsguru/options.go index 07e231ee379..6717b3e4c68 100644 --- a/service/devopsguru/options.go +++ b/service/devopsguru/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/directconnect/api_client.go b/service/directconnect/api_client.go index 091dff66601..2cc21d2219e 100644 --- a/service/directconnect/api_client.go +++ b/service/directconnect/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/directconnect/auth.go b/service/directconnect/auth.go index a139fa60735..3f7d55d9889 100644 --- a/service/directconnect/auth.go +++ b/service/directconnect/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/directconnect/endpoints.go b/service/directconnect/endpoints.go index 4dd0f39d637..01566c387fb 100644 --- a/service/directconnect/endpoints.go +++ b/service/directconnect/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/directconnect/options.go b/service/directconnect/options.go index fc3615a5bbf..7e568f4689a 100644 --- a/service/directconnect/options.go +++ b/service/directconnect/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/directoryservice/api_client.go b/service/directoryservice/api_client.go index 9feb14aff56..4902df05688 100644 --- a/service/directoryservice/api_client.go +++ b/service/directoryservice/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/directoryservice/auth.go b/service/directoryservice/auth.go index b36e99bc54d..7d1196027c4 100644 --- a/service/directoryservice/auth.go +++ b/service/directoryservice/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/directoryservice/endpoints.go b/service/directoryservice/endpoints.go index 1a9512bb58e..a42e74816ef 100644 --- a/service/directoryservice/endpoints.go +++ b/service/directoryservice/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/directoryservice/options.go b/service/directoryservice/options.go index 24f9d04a966..a5a7df93e57 100644 --- a/service/directoryservice/options.go +++ b/service/directoryservice/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/dlm/api_client.go b/service/dlm/api_client.go index daf7fe7ab14..3a01a1d8aec 100644 --- a/service/dlm/api_client.go +++ b/service/dlm/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/dlm/auth.go b/service/dlm/auth.go index 79126cd58ca..b44cfcaf4a1 100644 --- a/service/dlm/auth.go +++ b/service/dlm/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/dlm/endpoints.go b/service/dlm/endpoints.go index a4d6ee665b3..62b5ad00902 100644 --- a/service/dlm/endpoints.go +++ b/service/dlm/endpoints.go @@ -458,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,6 +488,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/dlm/options.go b/service/dlm/options.go index 2d56b3befc2..c7ac0f3bac7 100644 --- a/service/dlm/options.go +++ b/service/dlm/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/docdb/api_client.go b/service/docdb/api_client.go index 72e8e156e3a..8e46e8ce04a 100644 --- a/service/docdb/api_client.go +++ b/service/docdb/api_client.go @@ -18,6 +18,7 @@ import ( acceptencodingcust "github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding" presignedurlcust "github.com/aws/aws-sdk-go-v2/service/internal/presigned-url" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -432,6 +434,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/docdb/auth.go b/service/docdb/auth.go index 80174b1760f..89594e0243d 100644 --- a/service/docdb/auth.go +++ b/service/docdb/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/docdb/endpoints.go b/service/docdb/endpoints.go index 3008a5c5c0b..3a883466e82 100644 --- a/service/docdb/endpoints.go +++ b/service/docdb/endpoints.go @@ -458,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,6 +488,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/docdb/options.go b/service/docdb/options.go index c5964e219ad..7aa3d940dc3 100644 --- a/service/docdb/options.go +++ b/service/docdb/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/docdbelastic/api_client.go b/service/docdbelastic/api_client.go index 798abfa0f9e..fd06f86c50c 100644 --- a/service/docdbelastic/api_client.go +++ b/service/docdbelastic/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/docdbelastic/auth.go b/service/docdbelastic/auth.go index a1d7b716326..cff5efe9cc0 100644 --- a/service/docdbelastic/auth.go +++ b/service/docdbelastic/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/docdbelastic/endpoints.go b/service/docdbelastic/endpoints.go index 40a6444677f..9034ea301ae 100644 --- a/service/docdbelastic/endpoints.go +++ b/service/docdbelastic/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/docdbelastic/options.go b/service/docdbelastic/options.go index c02ac3d11f2..2ec6428783d 100644 --- a/service/docdbelastic/options.go +++ b/service/docdbelastic/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/drs/api_client.go b/service/drs/api_client.go index 1347cef14c2..bf7e271907a 100644 --- a/service/drs/api_client.go +++ b/service/drs/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/drs/auth.go b/service/drs/auth.go index 7acc999fb29..88660c4e3f0 100644 --- a/service/drs/auth.go +++ b/service/drs/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/drs/endpoints.go b/service/drs/endpoints.go index 97cac8bd00b..6e7056cdf3b 100644 --- a/service/drs/endpoints.go +++ b/service/drs/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/drs/options.go b/service/drs/options.go index cdf5589f34d..1d4dae6ced6 100644 --- a/service/drs/options.go +++ b/service/drs/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/dynamodb/api_client.go b/service/dynamodb/api_client.go index 6e54d0328d2..ca0343af311 100644 --- a/service/dynamodb/api_client.go +++ b/service/dynamodb/api_client.go @@ -19,6 +19,7 @@ import ( acceptencodingcust "github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding" internalEndpointDiscovery "github.com/aws/aws-sdk-go-v2/service/internal/endpoint-discovery" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -245,15 +246,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -534,6 +536,37 @@ func (c *Client) handleEndpointDiscoveryFromService(ctx context.Context, input * return endpoint, nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/dynamodb/auth.go b/service/dynamodb/auth.go index 817a2851839..4e3363f5033 100644 --- a/service/dynamodb/auth.go +++ b/service/dynamodb/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/dynamodb/endpoints.go b/service/dynamodb/endpoints.go index 2b62d559bc9..e0bded65ee0 100644 --- a/service/dynamodb/endpoints.go +++ b/service/dynamodb/endpoints.go @@ -489,7 +489,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -519,6 +519,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -528,7 +532,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/dynamodb/options.go b/service/dynamodb/options.go index bf88e3b7635..095e76612ec 100644 --- a/service/dynamodb/options.go +++ b/service/dynamodb/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/dynamodbstreams/api_client.go b/service/dynamodbstreams/api_client.go index 5bb9b0dc4b0..fd82d094a14 100644 --- a/service/dynamodbstreams/api_client.go +++ b/service/dynamodbstreams/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/dynamodbstreams/auth.go b/service/dynamodbstreams/auth.go index 25738f652c9..f1b09d32559 100644 --- a/service/dynamodbstreams/auth.go +++ b/service/dynamodbstreams/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/dynamodbstreams/endpoints.go b/service/dynamodbstreams/endpoints.go index 519bd70800a..16274036d98 100644 --- a/service/dynamodbstreams/endpoints.go +++ b/service/dynamodbstreams/endpoints.go @@ -584,7 +584,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -614,6 +614,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -623,7 +627,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/dynamodbstreams/options.go b/service/dynamodbstreams/options.go index 6304b262f06..bf893ba5983 100644 --- a/service/dynamodbstreams/options.go +++ b/service/dynamodbstreams/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ebs/api_client.go b/service/ebs/api_client.go index 1158ab14ff0..b4c6f45ea9d 100644 --- a/service/ebs/api_client.go +++ b/service/ebs/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/ebs/auth.go b/service/ebs/auth.go index a32582f7732..65aef6b2a6b 100644 --- a/service/ebs/auth.go +++ b/service/ebs/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -160,7 +160,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ebs/endpoints.go b/service/ebs/endpoints.go index 2edafb84c22..71602674e19 100644 --- a/service/ebs/endpoints.go +++ b/service/ebs/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ebs/options.go b/service/ebs/options.go index f36c486c948..263a467dacc 100644 --- a/service/ebs/options.go +++ b/service/ebs/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ec2/api_client.go b/service/ec2/api_client.go index 84365b955b0..7940bdf9bfa 100644 --- a/service/ec2/api_client.go +++ b/service/ec2/api_client.go @@ -19,6 +19,7 @@ import ( acceptencodingcust "github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding" presignedurlcust "github.com/aws/aws-sdk-go-v2/service/internal/presigned-url" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -443,6 +445,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/ec2/auth.go b/service/ec2/auth.go index 2e29d836bcc..b4425e795ff 100644 --- a/service/ec2/auth.go +++ b/service/ec2/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ec2/endpoints.go b/service/ec2/endpoints.go index 6423ebf2234..06d0fb00997 100644 --- a/service/ec2/endpoints.go +++ b/service/ec2/endpoints.go @@ -458,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,6 +488,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ec2/options.go b/service/ec2/options.go index 37cb69d205f..036256d450f 100644 --- a/service/ec2/options.go +++ b/service/ec2/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ec2instanceconnect/api_client.go b/service/ec2instanceconnect/api_client.go index 7ff6311ca28..ed071ff4edb 100644 --- a/service/ec2instanceconnect/api_client.go +++ b/service/ec2instanceconnect/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/ec2instanceconnect/auth.go b/service/ec2instanceconnect/auth.go index 024c19c37e2..e2f735abf6c 100644 --- a/service/ec2instanceconnect/auth.go +++ b/service/ec2instanceconnect/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ec2instanceconnect/endpoints.go b/service/ec2instanceconnect/endpoints.go index a3a37243e0b..e72e6e37066 100644 --- a/service/ec2instanceconnect/endpoints.go +++ b/service/ec2instanceconnect/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ec2instanceconnect/options.go b/service/ec2instanceconnect/options.go index 2816b454b5d..235e32dc8ae 100644 --- a/service/ec2instanceconnect/options.go +++ b/service/ec2instanceconnect/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ecr/api_client.go b/service/ecr/api_client.go index f74882130ee..8043f7731c3 100644 --- a/service/ecr/api_client.go +++ b/service/ecr/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/ecr/auth.go b/service/ecr/auth.go index 86ba7edf6b8..d97cca4c903 100644 --- a/service/ecr/auth.go +++ b/service/ecr/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ecr/endpoints.go b/service/ecr/endpoints.go index b928bb088ec..ea70396a0aa 100644 --- a/service/ecr/endpoints.go +++ b/service/ecr/endpoints.go @@ -477,7 +477,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -507,6 +507,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -516,7 +520,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ecr/options.go b/service/ecr/options.go index 0de783e381c..5e352f3b31d 100644 --- a/service/ecr/options.go +++ b/service/ecr/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ecrpublic/api_client.go b/service/ecrpublic/api_client.go index a9e71d814a1..f73879599b8 100644 --- a/service/ecrpublic/api_client.go +++ b/service/ecrpublic/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/ecrpublic/auth.go b/service/ecrpublic/auth.go index 80729fbc78a..4cd785aef8f 100644 --- a/service/ecrpublic/auth.go +++ b/service/ecrpublic/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ecrpublic/endpoints.go b/service/ecrpublic/endpoints.go index 6e2c49c79b8..c051e6d93a3 100644 --- a/service/ecrpublic/endpoints.go +++ b/service/ecrpublic/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ecrpublic/options.go b/service/ecrpublic/options.go index 2845b43a8dd..0ed11566e5b 100644 --- a/service/ecrpublic/options.go +++ b/service/ecrpublic/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ecs/api_client.go b/service/ecs/api_client.go index 93f29da2d20..efd7cf75dfc 100644 --- a/service/ecs/api_client.go +++ b/service/ecs/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/ecs/auth.go b/service/ecs/auth.go index 5aa04a20db8..6bc28b10f75 100644 --- a/service/ecs/auth.go +++ b/service/ecs/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ecs/endpoints.go b/service/ecs/endpoints.go index 16fb79b6631..b24d02fd785 100644 --- a/service/ecs/endpoints.go +++ b/service/ecs/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ecs/options.go b/service/ecs/options.go index 9ecc7a35755..64ca94566e6 100644 --- a/service/ecs/options.go +++ b/service/ecs/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/efs/api_client.go b/service/efs/api_client.go index f066b2f68eb..6359290fc2c 100644 --- a/service/efs/api_client.go +++ b/service/efs/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/efs/auth.go b/service/efs/auth.go index f5d2e317fcd..a51ba986dbe 100644 --- a/service/efs/auth.go +++ b/service/efs/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/efs/endpoints.go b/service/efs/endpoints.go index 01698ef70b8..7b4740a100e 100644 --- a/service/efs/endpoints.go +++ b/service/efs/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/efs/options.go b/service/efs/options.go index 069a24e4a55..016bd634a5b 100644 --- a/service/efs/options.go +++ b/service/efs/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/eks/api_client.go b/service/eks/api_client.go index f7bcc7c3d8a..b27375ed553 100644 --- a/service/eks/api_client.go +++ b/service/eks/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/eks/auth.go b/service/eks/auth.go index 8de3011f101..e59113f65da 100644 --- a/service/eks/auth.go +++ b/service/eks/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/eks/endpoints.go b/service/eks/endpoints.go index 166f800fd0b..81a5586359f 100644 --- a/service/eks/endpoints.go +++ b/service/eks/endpoints.go @@ -477,7 +477,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -507,6 +507,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -516,7 +520,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/eks/options.go b/service/eks/options.go index 631a8c6e949..cf660af626e 100644 --- a/service/eks/options.go +++ b/service/eks/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/eksauth/api_client.go b/service/eksauth/api_client.go index aef6d70c767..8178ee0fe6d 100644 --- a/service/eksauth/api_client.go +++ b/service/eksauth/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/eksauth/auth.go b/service/eksauth/auth.go index a1ce44f9076..a0d03b3b4f0 100644 --- a/service/eksauth/auth.go +++ b/service/eksauth/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/eksauth/endpoints.go b/service/eksauth/endpoints.go index 3003c7a6536..3765642eec6 100644 --- a/service/eksauth/endpoints.go +++ b/service/eksauth/endpoints.go @@ -411,7 +411,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -440,6 +440,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -449,7 +453,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/eksauth/options.go b/service/eksauth/options.go index 9332828cd7b..06ded369140 100644 --- a/service/eksauth/options.go +++ b/service/eksauth/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/elasticache/api_client.go b/service/elasticache/api_client.go index a2134c011db..80ca3f43183 100644 --- a/service/elasticache/api_client.go +++ b/service/elasticache/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/elasticache/auth.go b/service/elasticache/auth.go index fbd7f6111aa..679ea8712c4 100644 --- a/service/elasticache/auth.go +++ b/service/elasticache/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/elasticache/endpoints.go b/service/elasticache/endpoints.go index f7ea773f892..8ab87c53f85 100644 --- a/service/elasticache/endpoints.go +++ b/service/elasticache/endpoints.go @@ -458,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,6 +488,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/elasticache/options.go b/service/elasticache/options.go index 8ff05b5d872..c3b8ec41552 100644 --- a/service/elasticache/options.go +++ b/service/elasticache/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/elasticbeanstalk/api_client.go b/service/elasticbeanstalk/api_client.go index de60613ee01..09b0a18b768 100644 --- a/service/elasticbeanstalk/api_client.go +++ b/service/elasticbeanstalk/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/elasticbeanstalk/auth.go b/service/elasticbeanstalk/auth.go index cb63dd48eb6..5e14fecffcd 100644 --- a/service/elasticbeanstalk/auth.go +++ b/service/elasticbeanstalk/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/elasticbeanstalk/endpoints.go b/service/elasticbeanstalk/endpoints.go index 1388e2d9713..ac07282c3ae 100644 --- a/service/elasticbeanstalk/endpoints.go +++ b/service/elasticbeanstalk/endpoints.go @@ -458,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,6 +488,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/elasticbeanstalk/options.go b/service/elasticbeanstalk/options.go index 556136385fd..20ce06b096d 100644 --- a/service/elasticbeanstalk/options.go +++ b/service/elasticbeanstalk/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/elasticinference/api_client.go b/service/elasticinference/api_client.go index e295a0ba91f..36de3b4a456 100644 --- a/service/elasticinference/api_client.go +++ b/service/elasticinference/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/elasticinference/auth.go b/service/elasticinference/auth.go index 46398517c62..f1694238242 100644 --- a/service/elasticinference/auth.go +++ b/service/elasticinference/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/elasticinference/endpoints.go b/service/elasticinference/endpoints.go index a3c58547aa1..de2b448e0e2 100644 --- a/service/elasticinference/endpoints.go +++ b/service/elasticinference/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/elasticinference/options.go b/service/elasticinference/options.go index a85a7dd5a28..2ee8af401c9 100644 --- a/service/elasticinference/options.go +++ b/service/elasticinference/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/elasticloadbalancing/api_client.go b/service/elasticloadbalancing/api_client.go index 27ea617cd76..b4888c58266 100644 --- a/service/elasticloadbalancing/api_client.go +++ b/service/elasticloadbalancing/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/elasticloadbalancing/auth.go b/service/elasticloadbalancing/auth.go index b337a92f47e..3ad469b5d82 100644 --- a/service/elasticloadbalancing/auth.go +++ b/service/elasticloadbalancing/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/elasticloadbalancing/endpoints.go b/service/elasticloadbalancing/endpoints.go index 8244497d310..e0e423da228 100644 --- a/service/elasticloadbalancing/endpoints.go +++ b/service/elasticloadbalancing/endpoints.go @@ -458,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,6 +488,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/elasticloadbalancing/options.go b/service/elasticloadbalancing/options.go index e727763ea75..ab0bf56413a 100644 --- a/service/elasticloadbalancing/options.go +++ b/service/elasticloadbalancing/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/elasticloadbalancingv2/api_client.go b/service/elasticloadbalancingv2/api_client.go index a15c94adb83..cd4e419166a 100644 --- a/service/elasticloadbalancingv2/api_client.go +++ b/service/elasticloadbalancingv2/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/elasticloadbalancingv2/auth.go b/service/elasticloadbalancingv2/auth.go index 88459c677f4..feaf147dfc3 100644 --- a/service/elasticloadbalancingv2/auth.go +++ b/service/elasticloadbalancingv2/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/elasticloadbalancingv2/endpoints.go b/service/elasticloadbalancingv2/endpoints.go index 4dd1b2f905d..0d663f61ea0 100644 --- a/service/elasticloadbalancingv2/endpoints.go +++ b/service/elasticloadbalancingv2/endpoints.go @@ -458,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,6 +488,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/elasticloadbalancingv2/options.go b/service/elasticloadbalancingv2/options.go index 8d973890d08..3d2d9180ef1 100644 --- a/service/elasticloadbalancingv2/options.go +++ b/service/elasticloadbalancingv2/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/elasticsearchservice/api_client.go b/service/elasticsearchservice/api_client.go index 9e58807ddfa..4a5b4aa0e6d 100644 --- a/service/elasticsearchservice/api_client.go +++ b/service/elasticsearchservice/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/elasticsearchservice/auth.go b/service/elasticsearchservice/auth.go index 15fe8b011f2..f4673e47a3c 100644 --- a/service/elasticsearchservice/auth.go +++ b/service/elasticsearchservice/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/elasticsearchservice/endpoints.go b/service/elasticsearchservice/endpoints.go index 9dfee48a030..f2be08d36d3 100644 --- a/service/elasticsearchservice/endpoints.go +++ b/service/elasticsearchservice/endpoints.go @@ -496,7 +496,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -526,6 +526,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -535,7 +539,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/elasticsearchservice/options.go b/service/elasticsearchservice/options.go index c3e0bd9f3dc..14a4acb7c06 100644 --- a/service/elasticsearchservice/options.go +++ b/service/elasticsearchservice/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/elastictranscoder/api_client.go b/service/elastictranscoder/api_client.go index 7b64bdb4541..66934611c5b 100644 --- a/service/elastictranscoder/api_client.go +++ b/service/elastictranscoder/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/elastictranscoder/auth.go b/service/elastictranscoder/auth.go index 161aee240ec..656250b6670 100644 --- a/service/elastictranscoder/auth.go +++ b/service/elastictranscoder/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/elastictranscoder/endpoints.go b/service/elastictranscoder/endpoints.go index 13b2e0dbe36..6c16f1597c2 100644 --- a/service/elastictranscoder/endpoints.go +++ b/service/elastictranscoder/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/elastictranscoder/options.go b/service/elastictranscoder/options.go index f079c228073..2c5ad555123 100644 --- a/service/elastictranscoder/options.go +++ b/service/elastictranscoder/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/emr/api_client.go b/service/emr/api_client.go index 52a6ab728c9..3a3649476cd 100644 --- a/service/emr/api_client.go +++ b/service/emr/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/emr/auth.go b/service/emr/auth.go index 163f6cd1c0d..2f55d6fbd1e 100644 --- a/service/emr/auth.go +++ b/service/emr/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/emr/endpoints.go b/service/emr/endpoints.go index 9e1dab4ea3a..e58b0efc4a8 100644 --- a/service/emr/endpoints.go +++ b/service/emr/endpoints.go @@ -458,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,6 +488,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/emr/options.go b/service/emr/options.go index 1eec3a958dc..92bc16918f2 100644 --- a/service/emr/options.go +++ b/service/emr/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/emrcontainers/api_client.go b/service/emrcontainers/api_client.go index 3756ca2ab46..db4e5c67c6d 100644 --- a/service/emrcontainers/api_client.go +++ b/service/emrcontainers/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/emrcontainers/auth.go b/service/emrcontainers/auth.go index 974f9db8255..64eda43e957 100644 --- a/service/emrcontainers/auth.go +++ b/service/emrcontainers/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/emrcontainers/endpoints.go b/service/emrcontainers/endpoints.go index 886f4987e0b..4c63528b298 100644 --- a/service/emrcontainers/endpoints.go +++ b/service/emrcontainers/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/emrcontainers/options.go b/service/emrcontainers/options.go index 44235eaa69e..463e8f405fd 100644 --- a/service/emrcontainers/options.go +++ b/service/emrcontainers/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/emrserverless/api_client.go b/service/emrserverless/api_client.go index cc257d7576c..105f75b5c9d 100644 --- a/service/emrserverless/api_client.go +++ b/service/emrserverless/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/emrserverless/auth.go b/service/emrserverless/auth.go index deb3f26d0e3..71f4d394348 100644 --- a/service/emrserverless/auth.go +++ b/service/emrserverless/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/emrserverless/endpoints.go b/service/emrserverless/endpoints.go index 2708c36f9c6..f45cb2d6182 100644 --- a/service/emrserverless/endpoints.go +++ b/service/emrserverless/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/emrserverless/options.go b/service/emrserverless/options.go index 9846f62e8c8..33795e9145a 100644 --- a/service/emrserverless/options.go +++ b/service/emrserverless/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/entityresolution/api_client.go b/service/entityresolution/api_client.go index ba5fb293cf5..efeebb15ffb 100644 --- a/service/entityresolution/api_client.go +++ b/service/entityresolution/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/entityresolution/auth.go b/service/entityresolution/auth.go index 2f84e6c3c1a..8a6ebed43ac 100644 --- a/service/entityresolution/auth.go +++ b/service/entityresolution/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/entityresolution/endpoints.go b/service/entityresolution/endpoints.go index 2f8b96ad0e3..da2e8888b13 100644 --- a/service/entityresolution/endpoints.go +++ b/service/entityresolution/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/entityresolution/options.go b/service/entityresolution/options.go index 6ed3e8aa213..aa8bc074643 100644 --- a/service/entityresolution/options.go +++ b/service/entityresolution/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/eventbridge/api_client.go b/service/eventbridge/api_client.go index b7182bd1f87..a57137fbc54 100644 --- a/service/eventbridge/api_client.go +++ b/service/eventbridge/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/v4a" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -239,15 +240,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -438,6 +440,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + type httpSignerV4a interface { SignHTTP(ctx context.Context, credentials v4a.Credentials, r *http.Request, payloadHash, service string, regionSet []string, signingTime time.Time, @@ -458,6 +472,25 @@ func newDefaultV4aSigner(o Options) *v4a.Signer { }) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/eventbridge/auth.go b/service/eventbridge/auth.go index 5623cfb524d..6797c47a26e 100644 --- a/service/eventbridge/auth.go +++ b/service/eventbridge/auth.go @@ -12,12 +12,12 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } -func bindAuthEndpointParams(params *AuthResolverParameters, input interface{}, options Options) { - params.endpointParams = bindEndpointParams(input, options) +func bindAuthEndpointParams(ctx context.Context, params *AuthResolverParameters, input interface{}, options Options) { + params.endpointParams = bindEndpointParams(ctx, input, options) } type setLegacyContextSigningOptionsMiddleware struct { @@ -98,13 +98,13 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthEndpointParams(params, input, options) - bindAuthParamsRegion(params, input, options) + bindAuthEndpointParams(ctx, params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -164,7 +164,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/eventbridge/endpoints.go b/service/eventbridge/endpoints.go index f79efc60d97..80e548eafa4 100644 --- a/service/eventbridge/endpoints.go +++ b/service/eventbridge/endpoints.go @@ -597,7 +597,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -627,6 +627,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -636,7 +640,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/eventbridge/options.go b/service/eventbridge/options.go index 8784fd46d99..d4bd377fff8 100644 --- a/service/eventbridge/options.go +++ b/service/eventbridge/options.go @@ -26,6 +26,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/evidently/api_client.go b/service/evidently/api_client.go index aed8455a685..ce7edd95af2 100644 --- a/service/evidently/api_client.go +++ b/service/evidently/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/evidently/auth.go b/service/evidently/auth.go index 3a8a8a429f7..dd392aa441e 100644 --- a/service/evidently/auth.go +++ b/service/evidently/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/evidently/endpoints.go b/service/evidently/endpoints.go index 8755aaafec4..7103d607a45 100644 --- a/service/evidently/endpoints.go +++ b/service/evidently/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/evidently/options.go b/service/evidently/options.go index d48d85e5264..e5f9c69bfe2 100644 --- a/service/evidently/options.go +++ b/service/evidently/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/finspace/api_client.go b/service/finspace/api_client.go index 486a6799118..14f8fc561a1 100644 --- a/service/finspace/api_client.go +++ b/service/finspace/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -235,15 +236,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -471,6 +473,37 @@ func addRestJsonContentTypeCustomization(stack *middleware.Stack) error { return stack.Serialize.Insert(&customizeRestJsonContentType{}, "OperationSerializer", middleware.After) } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/finspace/auth.go b/service/finspace/auth.go index 6095c338a3e..1a3cd729ab8 100644 --- a/service/finspace/auth.go +++ b/service/finspace/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/finspace/endpoints.go b/service/finspace/endpoints.go index 8544bc049cc..ca19e90837f 100644 --- a/service/finspace/endpoints.go +++ b/service/finspace/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/finspace/options.go b/service/finspace/options.go index d05e3f637db..b038fddf6f6 100644 --- a/service/finspace/options.go +++ b/service/finspace/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/finspacedata/api_client.go b/service/finspacedata/api_client.go index f845e2efab4..4c24c71a793 100644 --- a/service/finspacedata/api_client.go +++ b/service/finspacedata/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -470,6 +472,37 @@ func addRestJsonContentTypeCustomization(stack *middleware.Stack) error { return stack.Serialize.Insert(&customizeRestJsonContentType{}, "OperationSerializer", middleware.After) } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/finspacedata/auth.go b/service/finspacedata/auth.go index cd1251577e0..7b4a287e67d 100644 --- a/service/finspacedata/auth.go +++ b/service/finspacedata/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/finspacedata/endpoints.go b/service/finspacedata/endpoints.go index be4297ded9f..c0d4a672483 100644 --- a/service/finspacedata/endpoints.go +++ b/service/finspacedata/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/finspacedata/options.go b/service/finspacedata/options.go index ce1e20d6833..05c425ff466 100644 --- a/service/finspacedata/options.go +++ b/service/finspacedata/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/firehose/api_client.go b/service/firehose/api_client.go index b82b5493162..a81645de2d5 100644 --- a/service/firehose/api_client.go +++ b/service/firehose/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/firehose/auth.go b/service/firehose/auth.go index 7481cb66ed5..f1613ef4a49 100644 --- a/service/firehose/auth.go +++ b/service/firehose/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/firehose/endpoints.go b/service/firehose/endpoints.go index eb0a926e753..d8da8d2d0c0 100644 --- a/service/firehose/endpoints.go +++ b/service/firehose/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/firehose/options.go b/service/firehose/options.go index 3cd93b7b433..4e6385cfc32 100644 --- a/service/firehose/options.go +++ b/service/firehose/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/fis/api_client.go b/service/fis/api_client.go index 33f8df0c913..4336e279b72 100644 --- a/service/fis/api_client.go +++ b/service/fis/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/fis/auth.go b/service/fis/auth.go index 1fdfb6d6b58..f777d522db1 100644 --- a/service/fis/auth.go +++ b/service/fis/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/fis/endpoints.go b/service/fis/endpoints.go index 6ee556216c9..b3f255c9e06 100644 --- a/service/fis/endpoints.go +++ b/service/fis/endpoints.go @@ -458,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,6 +488,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/fis/options.go b/service/fis/options.go index 0e200e39066..df432e2f001 100644 --- a/service/fis/options.go +++ b/service/fis/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/fms/api_client.go b/service/fms/api_client.go index dc13905d692..d8514fe9c9a 100644 --- a/service/fms/api_client.go +++ b/service/fms/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/fms/auth.go b/service/fms/auth.go index 2e5e9adeebb..d153dc500b5 100644 --- a/service/fms/auth.go +++ b/service/fms/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/fms/endpoints.go b/service/fms/endpoints.go index e062464a0a8..92e5adf8a09 100644 --- a/service/fms/endpoints.go +++ b/service/fms/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/fms/options.go b/service/fms/options.go index 2105e2eabb0..ace9698b3cf 100644 --- a/service/fms/options.go +++ b/service/fms/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/forecast/api_client.go b/service/forecast/api_client.go index ea72a0e3fbf..7cf666c2488 100644 --- a/service/forecast/api_client.go +++ b/service/forecast/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/forecast/auth.go b/service/forecast/auth.go index b8aab0c76bf..7c9e9a5dd0a 100644 --- a/service/forecast/auth.go +++ b/service/forecast/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/forecast/endpoints.go b/service/forecast/endpoints.go index 7c2a1805524..2ec67ad6418 100644 --- a/service/forecast/endpoints.go +++ b/service/forecast/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/forecast/options.go b/service/forecast/options.go index 0cbc85cecd7..5e39e5ad8ba 100644 --- a/service/forecast/options.go +++ b/service/forecast/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/forecastquery/api_client.go b/service/forecastquery/api_client.go index 7da40e8caed..f96be6a0296 100644 --- a/service/forecastquery/api_client.go +++ b/service/forecastquery/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/forecastquery/auth.go b/service/forecastquery/auth.go index f0bce8c4315..72bb2376691 100644 --- a/service/forecastquery/auth.go +++ b/service/forecastquery/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/forecastquery/endpoints.go b/service/forecastquery/endpoints.go index 68a4b64dcbc..b961f0d6d24 100644 --- a/service/forecastquery/endpoints.go +++ b/service/forecastquery/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/forecastquery/options.go b/service/forecastquery/options.go index bfd8c7ed464..3467ec05359 100644 --- a/service/forecastquery/options.go +++ b/service/forecastquery/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/frauddetector/api_client.go b/service/frauddetector/api_client.go index b0b690a2d56..4716378928e 100644 --- a/service/frauddetector/api_client.go +++ b/service/frauddetector/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/frauddetector/auth.go b/service/frauddetector/auth.go index 5250dd45969..d222327c82e 100644 --- a/service/frauddetector/auth.go +++ b/service/frauddetector/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/frauddetector/endpoints.go b/service/frauddetector/endpoints.go index 65604deaad1..aa5efbfe33d 100644 --- a/service/frauddetector/endpoints.go +++ b/service/frauddetector/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/frauddetector/options.go b/service/frauddetector/options.go index 1d2051b056b..cc7f831d4b6 100644 --- a/service/frauddetector/options.go +++ b/service/frauddetector/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/freetier/api_client.go b/service/freetier/api_client.go index 19b4c569a04..9178cce9f45 100644 --- a/service/freetier/api_client.go +++ b/service/freetier/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/freetier/auth.go b/service/freetier/auth.go index a0ebc6c9548..3122453d368 100644 --- a/service/freetier/auth.go +++ b/service/freetier/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/freetier/endpoints.go b/service/freetier/endpoints.go index 8e9a6f1a66d..3ea924e5f79 100644 --- a/service/freetier/endpoints.go +++ b/service/freetier/endpoints.go @@ -524,7 +524,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -553,6 +553,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -562,7 +566,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/freetier/options.go b/service/freetier/options.go index 432e3f85ff0..5aa805a6034 100644 --- a/service/freetier/options.go +++ b/service/freetier/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/fsx/api_client.go b/service/fsx/api_client.go index 4bc87eca7b0..34a1275786a 100644 --- a/service/fsx/api_client.go +++ b/service/fsx/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/fsx/auth.go b/service/fsx/auth.go index b76fcc777f7..55f00d3fbbb 100644 --- a/service/fsx/auth.go +++ b/service/fsx/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/fsx/endpoints.go b/service/fsx/endpoints.go index a6c962ce298..7d0046c5883 100644 --- a/service/fsx/endpoints.go +++ b/service/fsx/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/fsx/options.go b/service/fsx/options.go index b5ee9bcef82..46d30658903 100644 --- a/service/fsx/options.go +++ b/service/fsx/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/gamelift/api_client.go b/service/gamelift/api_client.go index 9c91f0d2803..1756ab7d17c 100644 --- a/service/gamelift/api_client.go +++ b/service/gamelift/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/gamelift/auth.go b/service/gamelift/auth.go index c94d706bb7e..1578db65a39 100644 --- a/service/gamelift/auth.go +++ b/service/gamelift/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/gamelift/endpoints.go b/service/gamelift/endpoints.go index 262afb6915a..c7be55be11a 100644 --- a/service/gamelift/endpoints.go +++ b/service/gamelift/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/gamelift/options.go b/service/gamelift/options.go index e7f7d52575c..e37c67bb928 100644 --- a/service/gamelift/options.go +++ b/service/gamelift/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/glacier/api_client.go b/service/glacier/api_client.go index 766f83f35ff..f8b6341299f 100644 --- a/service/glacier/api_client.go +++ b/service/glacier/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/glacier/auth.go b/service/glacier/auth.go index 1717f878207..c1bc2d0cdcc 100644 --- a/service/glacier/auth.go +++ b/service/glacier/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/glacier/endpoints.go b/service/glacier/endpoints.go index c35e88f098f..0e109e36cfe 100644 --- a/service/glacier/endpoints.go +++ b/service/glacier/endpoints.go @@ -458,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,6 +488,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/glacier/options.go b/service/glacier/options.go index d2555d6d115..53172cc46e6 100644 --- a/service/glacier/options.go +++ b/service/glacier/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/globalaccelerator/api_client.go b/service/globalaccelerator/api_client.go index baf05e611d8..25ac8fe743d 100644 --- a/service/globalaccelerator/api_client.go +++ b/service/globalaccelerator/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/globalaccelerator/auth.go b/service/globalaccelerator/auth.go index 4cd6e297d35..1ec2c8a7065 100644 --- a/service/globalaccelerator/auth.go +++ b/service/globalaccelerator/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/globalaccelerator/endpoints.go b/service/globalaccelerator/endpoints.go index 5f0c50b4758..19326e9bbcf 100644 --- a/service/globalaccelerator/endpoints.go +++ b/service/globalaccelerator/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/globalaccelerator/options.go b/service/globalaccelerator/options.go index 06c47c2a1c4..1eebc528ecc 100644 --- a/service/globalaccelerator/options.go +++ b/service/globalaccelerator/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/glue/api_client.go b/service/glue/api_client.go index 40bd84bb622..b84fa9744f4 100644 --- a/service/glue/api_client.go +++ b/service/glue/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/glue/auth.go b/service/glue/auth.go index e4f837742ce..aac2762139b 100644 --- a/service/glue/auth.go +++ b/service/glue/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/glue/endpoints.go b/service/glue/endpoints.go index e1334664a32..722e3b3496e 100644 --- a/service/glue/endpoints.go +++ b/service/glue/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/glue/options.go b/service/glue/options.go index 421fb06101a..003875763fc 100644 --- a/service/glue/options.go +++ b/service/glue/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/grafana/api_client.go b/service/grafana/api_client.go index 1c53c378a3b..058394f5515 100644 --- a/service/grafana/api_client.go +++ b/service/grafana/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/grafana/auth.go b/service/grafana/auth.go index 336ae476fb6..16200c2a783 100644 --- a/service/grafana/auth.go +++ b/service/grafana/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/grafana/endpoints.go b/service/grafana/endpoints.go index 4f7a7328bea..bec0d435403 100644 --- a/service/grafana/endpoints.go +++ b/service/grafana/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/grafana/options.go b/service/grafana/options.go index 07343295723..ad3aa69f25a 100644 --- a/service/grafana/options.go +++ b/service/grafana/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/greengrass/api_client.go b/service/greengrass/api_client.go index 7239e78f5d1..f1724db9854 100644 --- a/service/greengrass/api_client.go +++ b/service/greengrass/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/greengrass/auth.go b/service/greengrass/auth.go index 020ca4e3efe..2be3307abd6 100644 --- a/service/greengrass/auth.go +++ b/service/greengrass/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/greengrass/endpoints.go b/service/greengrass/endpoints.go index 9fdfe69982c..d1b0c8847a4 100644 --- a/service/greengrass/endpoints.go +++ b/service/greengrass/endpoints.go @@ -526,7 +526,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -556,6 +556,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -565,7 +569,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/greengrass/options.go b/service/greengrass/options.go index 0d05863cc73..ffd4116f84d 100644 --- a/service/greengrass/options.go +++ b/service/greengrass/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/greengrassv2/api_client.go b/service/greengrassv2/api_client.go index 1ab48153aed..780c4b970d7 100644 --- a/service/greengrassv2/api_client.go +++ b/service/greengrassv2/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/greengrassv2/auth.go b/service/greengrassv2/auth.go index e65fd863f17..469a30cb3f2 100644 --- a/service/greengrassv2/auth.go +++ b/service/greengrassv2/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/greengrassv2/endpoints.go b/service/greengrassv2/endpoints.go index 2d506fe1c1f..61fe3e6001c 100644 --- a/service/greengrassv2/endpoints.go +++ b/service/greengrassv2/endpoints.go @@ -526,7 +526,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -556,6 +556,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -565,7 +569,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/greengrassv2/options.go b/service/greengrassv2/options.go index 92d1b73838b..1b34afa6da1 100644 --- a/service/greengrassv2/options.go +++ b/service/greengrassv2/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/groundstation/api_client.go b/service/groundstation/api_client.go index e9bcc1b5cea..ebe8ad2ee51 100644 --- a/service/groundstation/api_client.go +++ b/service/groundstation/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/groundstation/auth.go b/service/groundstation/auth.go index 120c2285305..f95c04202c2 100644 --- a/service/groundstation/auth.go +++ b/service/groundstation/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/groundstation/endpoints.go b/service/groundstation/endpoints.go index 29bafc77cb4..1dd540ad441 100644 --- a/service/groundstation/endpoints.go +++ b/service/groundstation/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/groundstation/options.go b/service/groundstation/options.go index c744e570d72..b2c9d9e011f 100644 --- a/service/groundstation/options.go +++ b/service/groundstation/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/guardduty/api_client.go b/service/guardduty/api_client.go index 124e639eb78..ebe736d13ac 100644 --- a/service/guardduty/api_client.go +++ b/service/guardduty/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/guardduty/auth.go b/service/guardduty/auth.go index c0187b3da94..334e6f3cec6 100644 --- a/service/guardduty/auth.go +++ b/service/guardduty/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/guardduty/endpoints.go b/service/guardduty/endpoints.go index 7af0cb8aa39..c66aed0894c 100644 --- a/service/guardduty/endpoints.go +++ b/service/guardduty/endpoints.go @@ -458,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,6 +488,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/guardduty/options.go b/service/guardduty/options.go index 8c40066092d..426317778a4 100644 --- a/service/guardduty/options.go +++ b/service/guardduty/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/health/api_client.go b/service/health/api_client.go index a5fab6c9875..df92ba9eb56 100644 --- a/service/health/api_client.go +++ b/service/health/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/health/auth.go b/service/health/auth.go index 4ec1bd7ad99..d892bb97940 100644 --- a/service/health/auth.go +++ b/service/health/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/health/endpoints.go b/service/health/endpoints.go index 7e85ef0093e..f00b6ce1185 100644 --- a/service/health/endpoints.go +++ b/service/health/endpoints.go @@ -500,7 +500,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -530,6 +530,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -539,7 +543,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/health/options.go b/service/health/options.go index a820fd9d525..e6323be547d 100644 --- a/service/health/options.go +++ b/service/health/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/healthlake/api_client.go b/service/healthlake/api_client.go index 005ff95cbc3..038c7b797e9 100644 --- a/service/healthlake/api_client.go +++ b/service/healthlake/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/healthlake/auth.go b/service/healthlake/auth.go index 41c504098a6..7bce633c305 100644 --- a/service/healthlake/auth.go +++ b/service/healthlake/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/healthlake/endpoints.go b/service/healthlake/endpoints.go index dcb139b8da2..f88a071e945 100644 --- a/service/healthlake/endpoints.go +++ b/service/healthlake/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/healthlake/options.go b/service/healthlake/options.go index 49ab3b42377..c7aaa783990 100644 --- a/service/healthlake/options.go +++ b/service/healthlake/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/honeycode/api_client.go b/service/honeycode/api_client.go index a5572474d14..62312173548 100644 --- a/service/honeycode/api_client.go +++ b/service/honeycode/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/honeycode/auth.go b/service/honeycode/auth.go index 0b88434d806..0994b644c70 100644 --- a/service/honeycode/auth.go +++ b/service/honeycode/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/honeycode/endpoints.go b/service/honeycode/endpoints.go index 2105e6d4969..56204090632 100644 --- a/service/honeycode/endpoints.go +++ b/service/honeycode/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/honeycode/options.go b/service/honeycode/options.go index aee88c423f5..fe8eef2727f 100644 --- a/service/honeycode/options.go +++ b/service/honeycode/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iam/api_client.go b/service/iam/api_client.go index 5d38106aecc..880032a2d74 100644 --- a/service/iam/api_client.go +++ b/service/iam/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/iam/auth.go b/service/iam/auth.go index f7f5917156a..27aaba128b1 100644 --- a/service/iam/auth.go +++ b/service/iam/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iam/endpoints.go b/service/iam/endpoints.go index 63c2b352083..cb326a8c35e 100644 --- a/service/iam/endpoints.go +++ b/service/iam/endpoints.go @@ -746,7 +746,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -776,6 +776,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -785,7 +789,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iam/options.go b/service/iam/options.go index 9dc917618cf..d42557798b3 100644 --- a/service/iam/options.go +++ b/service/iam/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/identitystore/api_client.go b/service/identitystore/api_client.go index 89d6c42e671..b970230ca83 100644 --- a/service/identitystore/api_client.go +++ b/service/identitystore/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/identitystore/auth.go b/service/identitystore/auth.go index 57fc2a7b377..26ac0e0d8d2 100644 --- a/service/identitystore/auth.go +++ b/service/identitystore/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/identitystore/endpoints.go b/service/identitystore/endpoints.go index 5eb3a365867..bfaab229e4f 100644 --- a/service/identitystore/endpoints.go +++ b/service/identitystore/endpoints.go @@ -458,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,6 +488,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/identitystore/options.go b/service/identitystore/options.go index 4d799bfbe1d..6e5964a32a8 100644 --- a/service/identitystore/options.go +++ b/service/identitystore/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/imagebuilder/api_client.go b/service/imagebuilder/api_client.go index 1675f1a7bdb..743058e7385 100644 --- a/service/imagebuilder/api_client.go +++ b/service/imagebuilder/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/imagebuilder/auth.go b/service/imagebuilder/auth.go index a92e040d166..f24a0909364 100644 --- a/service/imagebuilder/auth.go +++ b/service/imagebuilder/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/imagebuilder/endpoints.go b/service/imagebuilder/endpoints.go index 66b5621ed49..e38da2d549a 100644 --- a/service/imagebuilder/endpoints.go +++ b/service/imagebuilder/endpoints.go @@ -458,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,6 +488,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/imagebuilder/options.go b/service/imagebuilder/options.go index 8d6360bb408..f28f02c10b2 100644 --- a/service/imagebuilder/options.go +++ b/service/imagebuilder/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/inspector/api_client.go b/service/inspector/api_client.go index f4d1ff8b807..0662c46834c 100644 --- a/service/inspector/api_client.go +++ b/service/inspector/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/inspector/auth.go b/service/inspector/auth.go index 60736093ef4..2551cd1b1fe 100644 --- a/service/inspector/auth.go +++ b/service/inspector/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/inspector/endpoints.go b/service/inspector/endpoints.go index 49706fcfd59..b1fdb75ed8b 100644 --- a/service/inspector/endpoints.go +++ b/service/inspector/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/inspector/options.go b/service/inspector/options.go index 61d1610916f..49cffd79748 100644 --- a/service/inspector/options.go +++ b/service/inspector/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/inspector2/api_client.go b/service/inspector2/api_client.go index 9afceaf2f10..3723d43c598 100644 --- a/service/inspector2/api_client.go +++ b/service/inspector2/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/inspector2/auth.go b/service/inspector2/auth.go index 300dff2a278..f0c789763bd 100644 --- a/service/inspector2/auth.go +++ b/service/inspector2/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/inspector2/endpoints.go b/service/inspector2/endpoints.go index 4ec8a753177..34120a614e0 100644 --- a/service/inspector2/endpoints.go +++ b/service/inspector2/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/inspector2/options.go b/service/inspector2/options.go index 7f2ffd7de25..265ce4821b4 100644 --- a/service/inspector2/options.go +++ b/service/inspector2/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/inspectorscan/api_client.go b/service/inspectorscan/api_client.go index 3b146a7116a..ad1e8785011 100644 --- a/service/inspectorscan/api_client.go +++ b/service/inspectorscan/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/inspectorscan/auth.go b/service/inspectorscan/auth.go index e81c82b2a7a..d454ca7e6e9 100644 --- a/service/inspectorscan/auth.go +++ b/service/inspectorscan/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/inspectorscan/endpoints.go b/service/inspectorscan/endpoints.go index c58eb1dca39..1f542645891 100644 --- a/service/inspectorscan/endpoints.go +++ b/service/inspectorscan/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/inspectorscan/options.go b/service/inspectorscan/options.go index bb5adfd027c..5474ee6df36 100644 --- a/service/inspectorscan/options.go +++ b/service/inspectorscan/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/internetmonitor/api_client.go b/service/internetmonitor/api_client.go index c31b53565d3..5cf9226556e 100644 --- a/service/internetmonitor/api_client.go +++ b/service/internetmonitor/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/internetmonitor/auth.go b/service/internetmonitor/auth.go index 1b9db4666d2..9b7603afe54 100644 --- a/service/internetmonitor/auth.go +++ b/service/internetmonitor/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/internetmonitor/endpoints.go b/service/internetmonitor/endpoints.go index ce1031950a0..a184b024be4 100644 --- a/service/internetmonitor/endpoints.go +++ b/service/internetmonitor/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/internetmonitor/options.go b/service/internetmonitor/options.go index eb145a63961..0ddee46f846 100644 --- a/service/internetmonitor/options.go +++ b/service/internetmonitor/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iot/api_client.go b/service/iot/api_client.go index 519b3ec012f..d2b799a56c3 100644 --- a/service/iot/api_client.go +++ b/service/iot/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/iot/auth.go b/service/iot/auth.go index f93b65e53b8..4b680e933c7 100644 --- a/service/iot/auth.go +++ b/service/iot/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iot/endpoints.go b/service/iot/endpoints.go index 8367227ea33..dc051fb29f9 100644 --- a/service/iot/endpoints.go +++ b/service/iot/endpoints.go @@ -496,7 +496,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -526,6 +526,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -535,7 +539,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iot/options.go b/service/iot/options.go index 199ca1c2b5f..95dbfa2c5ff 100644 --- a/service/iot/options.go +++ b/service/iot/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iot1clickdevicesservice/api_client.go b/service/iot1clickdevicesservice/api_client.go index 3c7b030d2c9..4c41cb706fe 100644 --- a/service/iot1clickdevicesservice/api_client.go +++ b/service/iot1clickdevicesservice/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/iot1clickdevicesservice/auth.go b/service/iot1clickdevicesservice/auth.go index 5a87b0f6beb..c24cf0fedd5 100644 --- a/service/iot1clickdevicesservice/auth.go +++ b/service/iot1clickdevicesservice/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iot1clickdevicesservice/endpoints.go b/service/iot1clickdevicesservice/endpoints.go index 60f57289c70..1c6531d38cb 100644 --- a/service/iot1clickdevicesservice/endpoints.go +++ b/service/iot1clickdevicesservice/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iot1clickdevicesservice/options.go b/service/iot1clickdevicesservice/options.go index 2fa8d97b754..54f6b149ee0 100644 --- a/service/iot1clickdevicesservice/options.go +++ b/service/iot1clickdevicesservice/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iot1clickprojects/api_client.go b/service/iot1clickprojects/api_client.go index df1f9a7b0d7..a8858e8a0d1 100644 --- a/service/iot1clickprojects/api_client.go +++ b/service/iot1clickprojects/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/iot1clickprojects/auth.go b/service/iot1clickprojects/auth.go index be8461a7418..66c435700a2 100644 --- a/service/iot1clickprojects/auth.go +++ b/service/iot1clickprojects/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iot1clickprojects/endpoints.go b/service/iot1clickprojects/endpoints.go index 0d46c10c042..e3929ce8216 100644 --- a/service/iot1clickprojects/endpoints.go +++ b/service/iot1clickprojects/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iot1clickprojects/options.go b/service/iot1clickprojects/options.go index c13808d2377..db044a0095c 100644 --- a/service/iot1clickprojects/options.go +++ b/service/iot1clickprojects/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iotanalytics/api_client.go b/service/iotanalytics/api_client.go index 492acc2b50c..3d2497f75b9 100644 --- a/service/iotanalytics/api_client.go +++ b/service/iotanalytics/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/iotanalytics/auth.go b/service/iotanalytics/auth.go index 5e1bc48b217..e4e44df8b69 100644 --- a/service/iotanalytics/auth.go +++ b/service/iotanalytics/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iotanalytics/endpoints.go b/service/iotanalytics/endpoints.go index a8012603e23..c1245d36aae 100644 --- a/service/iotanalytics/endpoints.go +++ b/service/iotanalytics/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iotanalytics/options.go b/service/iotanalytics/options.go index ab3fe3f26d8..f935dbbe644 100644 --- a/service/iotanalytics/options.go +++ b/service/iotanalytics/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iotdataplane/api_client.go b/service/iotdataplane/api_client.go index 3818b6fd2d4..a9388217a63 100644 --- a/service/iotdataplane/api_client.go +++ b/service/iotdataplane/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/iotdataplane/auth.go b/service/iotdataplane/auth.go index bcd7e31a15a..13572f3dda8 100644 --- a/service/iotdataplane/auth.go +++ b/service/iotdataplane/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iotdataplane/endpoints.go b/service/iotdataplane/endpoints.go index b2d9a25e950..6f95ce1ab9d 100644 --- a/service/iotdataplane/endpoints.go +++ b/service/iotdataplane/endpoints.go @@ -600,7 +600,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -630,6 +630,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -639,7 +643,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iotdataplane/options.go b/service/iotdataplane/options.go index 8e802fe6d09..0c75850a086 100644 --- a/service/iotdataplane/options.go +++ b/service/iotdataplane/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iotdeviceadvisor/api_client.go b/service/iotdeviceadvisor/api_client.go index 25496ac786d..07959e81ee7 100644 --- a/service/iotdeviceadvisor/api_client.go +++ b/service/iotdeviceadvisor/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/iotdeviceadvisor/auth.go b/service/iotdeviceadvisor/auth.go index f0aac369978..0cf6d8b4913 100644 --- a/service/iotdeviceadvisor/auth.go +++ b/service/iotdeviceadvisor/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iotdeviceadvisor/endpoints.go b/service/iotdeviceadvisor/endpoints.go index b9c2f06076f..4b9a5887e29 100644 --- a/service/iotdeviceadvisor/endpoints.go +++ b/service/iotdeviceadvisor/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iotdeviceadvisor/options.go b/service/iotdeviceadvisor/options.go index caba27c91ba..6f648d593c9 100644 --- a/service/iotdeviceadvisor/options.go +++ b/service/iotdeviceadvisor/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iotevents/api_client.go b/service/iotevents/api_client.go index c9d98db9733..1193a14c497 100644 --- a/service/iotevents/api_client.go +++ b/service/iotevents/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/iotevents/auth.go b/service/iotevents/auth.go index 939517f776b..e3e1d49deaf 100644 --- a/service/iotevents/auth.go +++ b/service/iotevents/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iotevents/endpoints.go b/service/iotevents/endpoints.go index 9066eef1a3a..c5cf868be61 100644 --- a/service/iotevents/endpoints.go +++ b/service/iotevents/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iotevents/options.go b/service/iotevents/options.go index 27666fc52a3..67f28fdcf79 100644 --- a/service/iotevents/options.go +++ b/service/iotevents/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ioteventsdata/api_client.go b/service/ioteventsdata/api_client.go index d95a7b2511c..d18ec2e815f 100644 --- a/service/ioteventsdata/api_client.go +++ b/service/ioteventsdata/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/ioteventsdata/auth.go b/service/ioteventsdata/auth.go index 2c70588bff5..b878d058a6d 100644 --- a/service/ioteventsdata/auth.go +++ b/service/ioteventsdata/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ioteventsdata/endpoints.go b/service/ioteventsdata/endpoints.go index 69501db45c5..476e5d6d455 100644 --- a/service/ioteventsdata/endpoints.go +++ b/service/ioteventsdata/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ioteventsdata/options.go b/service/ioteventsdata/options.go index a3338820dd7..27988f1cfc8 100644 --- a/service/ioteventsdata/options.go +++ b/service/ioteventsdata/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iotfleethub/api_client.go b/service/iotfleethub/api_client.go index 229e658030d..6a66a63579f 100644 --- a/service/iotfleethub/api_client.go +++ b/service/iotfleethub/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/iotfleethub/auth.go b/service/iotfleethub/auth.go index 0d2df7e3252..28d8bf817d3 100644 --- a/service/iotfleethub/auth.go +++ b/service/iotfleethub/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iotfleethub/endpoints.go b/service/iotfleethub/endpoints.go index f7ebf1b67dc..ec73b05a7f0 100644 --- a/service/iotfleethub/endpoints.go +++ b/service/iotfleethub/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iotfleethub/options.go b/service/iotfleethub/options.go index 5914b462b71..e3a1f111877 100644 --- a/service/iotfleethub/options.go +++ b/service/iotfleethub/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iotfleetwise/api_client.go b/service/iotfleetwise/api_client.go index f12a101247d..265b8bf9a46 100644 --- a/service/iotfleetwise/api_client.go +++ b/service/iotfleetwise/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/iotfleetwise/auth.go b/service/iotfleetwise/auth.go index de7d6acd364..6c7b3f3c3ad 100644 --- a/service/iotfleetwise/auth.go +++ b/service/iotfleetwise/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iotfleetwise/endpoints.go b/service/iotfleetwise/endpoints.go index a1250878f0f..971e642de67 100644 --- a/service/iotfleetwise/endpoints.go +++ b/service/iotfleetwise/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iotfleetwise/options.go b/service/iotfleetwise/options.go index 3bc794cb501..b41d68c93b8 100644 --- a/service/iotfleetwise/options.go +++ b/service/iotfleetwise/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iotjobsdataplane/api_client.go b/service/iotjobsdataplane/api_client.go index 9cf1529cc03..feddb2f69c5 100644 --- a/service/iotjobsdataplane/api_client.go +++ b/service/iotjobsdataplane/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/iotjobsdataplane/auth.go b/service/iotjobsdataplane/auth.go index a6801b8c1b4..df1419f81d7 100644 --- a/service/iotjobsdataplane/auth.go +++ b/service/iotjobsdataplane/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iotjobsdataplane/endpoints.go b/service/iotjobsdataplane/endpoints.go index 43020833366..b20293b729c 100644 --- a/service/iotjobsdataplane/endpoints.go +++ b/service/iotjobsdataplane/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iotjobsdataplane/options.go b/service/iotjobsdataplane/options.go index 036fc7d5a3d..5b662a1cb68 100644 --- a/service/iotjobsdataplane/options.go +++ b/service/iotjobsdataplane/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iotroborunner/api_client.go b/service/iotroborunner/api_client.go index 0c17961849b..a0277d33e95 100644 --- a/service/iotroborunner/api_client.go +++ b/service/iotroborunner/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/iotroborunner/auth.go b/service/iotroborunner/auth.go index 697a1a31481..73c7685bc1e 100644 --- a/service/iotroborunner/auth.go +++ b/service/iotroborunner/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iotroborunner/endpoints.go b/service/iotroborunner/endpoints.go index 284143f194c..b9f83d0a3ff 100644 --- a/service/iotroborunner/endpoints.go +++ b/service/iotroborunner/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iotroborunner/options.go b/service/iotroborunner/options.go index 66da194453c..6a5abe511be 100644 --- a/service/iotroborunner/options.go +++ b/service/iotroborunner/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iotsecuretunneling/api_client.go b/service/iotsecuretunneling/api_client.go index 4b053479eb6..f8590a5c117 100644 --- a/service/iotsecuretunneling/api_client.go +++ b/service/iotsecuretunneling/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/iotsecuretunneling/auth.go b/service/iotsecuretunneling/auth.go index d12b1128098..bac51988068 100644 --- a/service/iotsecuretunneling/auth.go +++ b/service/iotsecuretunneling/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iotsecuretunneling/endpoints.go b/service/iotsecuretunneling/endpoints.go index 51a1262646c..c30780c146e 100644 --- a/service/iotsecuretunneling/endpoints.go +++ b/service/iotsecuretunneling/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iotsecuretunneling/options.go b/service/iotsecuretunneling/options.go index 25e5ad67504..75edf9d3c9a 100644 --- a/service/iotsecuretunneling/options.go +++ b/service/iotsecuretunneling/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iotsitewise/api_client.go b/service/iotsitewise/api_client.go index d41c68d0b0a..15bfc0220f8 100644 --- a/service/iotsitewise/api_client.go +++ b/service/iotsitewise/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/iotsitewise/auth.go b/service/iotsitewise/auth.go index 95d3461977a..94e74c621dd 100644 --- a/service/iotsitewise/auth.go +++ b/service/iotsitewise/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iotsitewise/endpoints.go b/service/iotsitewise/endpoints.go index ef281df7d4c..f98b9de49ea 100644 --- a/service/iotsitewise/endpoints.go +++ b/service/iotsitewise/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iotsitewise/options.go b/service/iotsitewise/options.go index af7c6568caf..bccae83be26 100644 --- a/service/iotsitewise/options.go +++ b/service/iotsitewise/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iotthingsgraph/api_client.go b/service/iotthingsgraph/api_client.go index bfc8e4f9899..394ccb77bc7 100644 --- a/service/iotthingsgraph/api_client.go +++ b/service/iotthingsgraph/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/iotthingsgraph/auth.go b/service/iotthingsgraph/auth.go index e921eea19a9..affe09c1d3c 100644 --- a/service/iotthingsgraph/auth.go +++ b/service/iotthingsgraph/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iotthingsgraph/endpoints.go b/service/iotthingsgraph/endpoints.go index 0fcd54ff137..94853d69925 100644 --- a/service/iotthingsgraph/endpoints.go +++ b/service/iotthingsgraph/endpoints.go @@ -458,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,6 +488,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iotthingsgraph/options.go b/service/iotthingsgraph/options.go index 489330e364f..99a57ff8482 100644 --- a/service/iotthingsgraph/options.go +++ b/service/iotthingsgraph/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iottwinmaker/api_client.go b/service/iottwinmaker/api_client.go index cc32e441eb0..1a7dbd908c3 100644 --- a/service/iottwinmaker/api_client.go +++ b/service/iottwinmaker/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/iottwinmaker/auth.go b/service/iottwinmaker/auth.go index 4082445a598..477fb9ffed4 100644 --- a/service/iottwinmaker/auth.go +++ b/service/iottwinmaker/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iottwinmaker/endpoints.go b/service/iottwinmaker/endpoints.go index 8837e37acd5..9fd219fdd72 100644 --- a/service/iottwinmaker/endpoints.go +++ b/service/iottwinmaker/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iottwinmaker/options.go b/service/iottwinmaker/options.go index b383a8eefbd..3203fcc7d76 100644 --- a/service/iottwinmaker/options.go +++ b/service/iottwinmaker/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/iotwireless/api_client.go b/service/iotwireless/api_client.go index f1af554281f..55fec6b11bd 100644 --- a/service/iotwireless/api_client.go +++ b/service/iotwireless/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/iotwireless/auth.go b/service/iotwireless/auth.go index e1533afc719..9bd28b83e84 100644 --- a/service/iotwireless/auth.go +++ b/service/iotwireless/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/iotwireless/endpoints.go b/service/iotwireless/endpoints.go index 859c2c601fb..19f8a541a22 100644 --- a/service/iotwireless/endpoints.go +++ b/service/iotwireless/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/iotwireless/options.go b/service/iotwireless/options.go index e09b0f114a6..d931ffa7313 100644 --- a/service/iotwireless/options.go +++ b/service/iotwireless/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ivs/api_client.go b/service/ivs/api_client.go index 407e79125d3..a106db89d8c 100644 --- a/service/ivs/api_client.go +++ b/service/ivs/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/ivs/auth.go b/service/ivs/auth.go index f9c868d5f5b..9ffe0c282be 100644 --- a/service/ivs/auth.go +++ b/service/ivs/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ivs/endpoints.go b/service/ivs/endpoints.go index fa87921e9d2..06efffa49dc 100644 --- a/service/ivs/endpoints.go +++ b/service/ivs/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ivs/options.go b/service/ivs/options.go index 42de105a27b..853714a784b 100644 --- a/service/ivs/options.go +++ b/service/ivs/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ivschat/api_client.go b/service/ivschat/api_client.go index 70c10bcbbd4..7647a796e1f 100644 --- a/service/ivschat/api_client.go +++ b/service/ivschat/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/ivschat/auth.go b/service/ivschat/auth.go index 8a7d30529c1..eec03294183 100644 --- a/service/ivschat/auth.go +++ b/service/ivschat/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ivschat/endpoints.go b/service/ivschat/endpoints.go index c35c7072cca..822df9b511b 100644 --- a/service/ivschat/endpoints.go +++ b/service/ivschat/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ivschat/options.go b/service/ivschat/options.go index 5ac40291045..7afd03cd8bf 100644 --- a/service/ivschat/options.go +++ b/service/ivschat/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ivsrealtime/api_client.go b/service/ivsrealtime/api_client.go index f0d26f99e1c..e58e600333f 100644 --- a/service/ivsrealtime/api_client.go +++ b/service/ivsrealtime/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/ivsrealtime/auth.go b/service/ivsrealtime/auth.go index 68eb6c1b273..72bb0ff2669 100644 --- a/service/ivsrealtime/auth.go +++ b/service/ivsrealtime/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ivsrealtime/endpoints.go b/service/ivsrealtime/endpoints.go index 464a425df6b..b42c33c72ec 100644 --- a/service/ivsrealtime/endpoints.go +++ b/service/ivsrealtime/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ivsrealtime/options.go b/service/ivsrealtime/options.go index fe1efedca94..8cdff1b824a 100644 --- a/service/ivsrealtime/options.go +++ b/service/ivsrealtime/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/kafka/api_client.go b/service/kafka/api_client.go index ddd2ad02516..7e96b9aeff3 100644 --- a/service/kafka/api_client.go +++ b/service/kafka/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/kafka/auth.go b/service/kafka/auth.go index 01c30d877a0..fe995bf80e1 100644 --- a/service/kafka/auth.go +++ b/service/kafka/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/kafka/endpoints.go b/service/kafka/endpoints.go index 2918c72bf42..23c5d63a33a 100644 --- a/service/kafka/endpoints.go +++ b/service/kafka/endpoints.go @@ -458,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,6 +488,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/kafka/options.go b/service/kafka/options.go index 54a2483b5ed..2a3ece54489 100644 --- a/service/kafka/options.go +++ b/service/kafka/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/kafkaconnect/api_client.go b/service/kafkaconnect/api_client.go index 81d5230e4b8..a1e20a58502 100644 --- a/service/kafkaconnect/api_client.go +++ b/service/kafkaconnect/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/kafkaconnect/auth.go b/service/kafkaconnect/auth.go index 75479b40336..c50700f8612 100644 --- a/service/kafkaconnect/auth.go +++ b/service/kafkaconnect/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/kafkaconnect/endpoints.go b/service/kafkaconnect/endpoints.go index 5cd226f485f..9b5fb33d249 100644 --- a/service/kafkaconnect/endpoints.go +++ b/service/kafkaconnect/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/kafkaconnect/options.go b/service/kafkaconnect/options.go index fdedd8301b6..1e44a27141e 100644 --- a/service/kafkaconnect/options.go +++ b/service/kafkaconnect/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/kendra/api_client.go b/service/kendra/api_client.go index 1b8d9916446..73b62dad3e6 100644 --- a/service/kendra/api_client.go +++ b/service/kendra/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/kendra/auth.go b/service/kendra/auth.go index 0f13f7f8a0a..35e17043b0a 100644 --- a/service/kendra/auth.go +++ b/service/kendra/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/kendra/endpoints.go b/service/kendra/endpoints.go index 7a3d474e2fc..9a4678470a7 100644 --- a/service/kendra/endpoints.go +++ b/service/kendra/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/kendra/options.go b/service/kendra/options.go index 8e9db820070..75dd51fc1da 100644 --- a/service/kendra/options.go +++ b/service/kendra/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/kendraranking/api_client.go b/service/kendraranking/api_client.go index a1ae08835d4..9e51d770f36 100644 --- a/service/kendraranking/api_client.go +++ b/service/kendraranking/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/kendraranking/auth.go b/service/kendraranking/auth.go index 30fcdd4b20c..9c88a71c023 100644 --- a/service/kendraranking/auth.go +++ b/service/kendraranking/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/kendraranking/endpoints.go b/service/kendraranking/endpoints.go index ba740265be8..0d94a840872 100644 --- a/service/kendraranking/endpoints.go +++ b/service/kendraranking/endpoints.go @@ -411,7 +411,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -440,6 +440,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -449,7 +453,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/kendraranking/options.go b/service/kendraranking/options.go index 5aab840a035..92bc1b32412 100644 --- a/service/kendraranking/options.go +++ b/service/kendraranking/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/keyspaces/api_client.go b/service/keyspaces/api_client.go index 2fed93d4d2e..d077ad23900 100644 --- a/service/keyspaces/api_client.go +++ b/service/keyspaces/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/keyspaces/auth.go b/service/keyspaces/auth.go index 56b83a4a676..ba77db22ab9 100644 --- a/service/keyspaces/auth.go +++ b/service/keyspaces/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/keyspaces/endpoints.go b/service/keyspaces/endpoints.go index 1f17fcb2189..10fa31895f7 100644 --- a/service/keyspaces/endpoints.go +++ b/service/keyspaces/endpoints.go @@ -458,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,6 +488,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/keyspaces/options.go b/service/keyspaces/options.go index 1cf9545f6fe..88df0699a68 100644 --- a/service/keyspaces/options.go +++ b/service/keyspaces/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/kinesis/api_client.go b/service/kinesis/api_client.go index e5903efe291..7b257ee6d37 100644 --- a/service/kinesis/api_client.go +++ b/service/kinesis/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -231,15 +232,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -430,6 +432,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/kinesis/auth.go b/service/kinesis/auth.go index 0702f8afad6..68fb5a61569 100644 --- a/service/kinesis/auth.go +++ b/service/kinesis/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/kinesis/endpoints.go b/service/kinesis/endpoints.go index 481add9802a..4ba5bad4a86 100644 --- a/service/kinesis/endpoints.go +++ b/service/kinesis/endpoints.go @@ -1014,7 +1014,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -1044,6 +1044,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -1053,7 +1057,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/kinesis/options.go b/service/kinesis/options.go index 155ced3b14e..8ee419ba1f9 100644 --- a/service/kinesis/options.go +++ b/service/kinesis/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/kinesisanalytics/api_client.go b/service/kinesisanalytics/api_client.go index 001245171df..1b413d957d2 100644 --- a/service/kinesisanalytics/api_client.go +++ b/service/kinesisanalytics/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/kinesisanalytics/auth.go b/service/kinesisanalytics/auth.go index b588328b8fb..771bdcbb1fe 100644 --- a/service/kinesisanalytics/auth.go +++ b/service/kinesisanalytics/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/kinesisanalytics/endpoints.go b/service/kinesisanalytics/endpoints.go index e8516117c18..1339b308a9d 100644 --- a/service/kinesisanalytics/endpoints.go +++ b/service/kinesisanalytics/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/kinesisanalytics/options.go b/service/kinesisanalytics/options.go index 678065e55f0..8643be0e1c3 100644 --- a/service/kinesisanalytics/options.go +++ b/service/kinesisanalytics/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/kinesisanalyticsv2/api_client.go b/service/kinesisanalyticsv2/api_client.go index c911134ef43..417d366cb39 100644 --- a/service/kinesisanalyticsv2/api_client.go +++ b/service/kinesisanalyticsv2/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/kinesisanalyticsv2/auth.go b/service/kinesisanalyticsv2/auth.go index 72d79992f4e..1c86600e417 100644 --- a/service/kinesisanalyticsv2/auth.go +++ b/service/kinesisanalyticsv2/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/kinesisanalyticsv2/endpoints.go b/service/kinesisanalyticsv2/endpoints.go index 764a42dc0eb..67903e26412 100644 --- a/service/kinesisanalyticsv2/endpoints.go +++ b/service/kinesisanalyticsv2/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/kinesisanalyticsv2/options.go b/service/kinesisanalyticsv2/options.go index 5feab711b94..9790e0d37cb 100644 --- a/service/kinesisanalyticsv2/options.go +++ b/service/kinesisanalyticsv2/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/kinesisvideo/api_client.go b/service/kinesisvideo/api_client.go index 73258f4b0a5..58e38beb08e 100644 --- a/service/kinesisvideo/api_client.go +++ b/service/kinesisvideo/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/kinesisvideo/auth.go b/service/kinesisvideo/auth.go index 8d90b1f6265..1f1c6ba47e1 100644 --- a/service/kinesisvideo/auth.go +++ b/service/kinesisvideo/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/kinesisvideo/endpoints.go b/service/kinesisvideo/endpoints.go index 04994a1ef9c..11dac27c16b 100644 --- a/service/kinesisvideo/endpoints.go +++ b/service/kinesisvideo/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/kinesisvideo/options.go b/service/kinesisvideo/options.go index 92065738972..b7fb5a391e9 100644 --- a/service/kinesisvideo/options.go +++ b/service/kinesisvideo/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/kinesisvideoarchivedmedia/api_client.go b/service/kinesisvideoarchivedmedia/api_client.go index 02f3104137d..7e94b394d7e 100644 --- a/service/kinesisvideoarchivedmedia/api_client.go +++ b/service/kinesisvideoarchivedmedia/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/kinesisvideoarchivedmedia/auth.go b/service/kinesisvideoarchivedmedia/auth.go index 320e348943a..d39f4490cfe 100644 --- a/service/kinesisvideoarchivedmedia/auth.go +++ b/service/kinesisvideoarchivedmedia/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/kinesisvideoarchivedmedia/endpoints.go b/service/kinesisvideoarchivedmedia/endpoints.go index 0980accef36..5d10e627d53 100644 --- a/service/kinesisvideoarchivedmedia/endpoints.go +++ b/service/kinesisvideoarchivedmedia/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/kinesisvideoarchivedmedia/options.go b/service/kinesisvideoarchivedmedia/options.go index b277a36e668..53cb100ad43 100644 --- a/service/kinesisvideoarchivedmedia/options.go +++ b/service/kinesisvideoarchivedmedia/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/kinesisvideomedia/api_client.go b/service/kinesisvideomedia/api_client.go index 57d1add87f2..748e9726820 100644 --- a/service/kinesisvideomedia/api_client.go +++ b/service/kinesisvideomedia/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/kinesisvideomedia/auth.go b/service/kinesisvideomedia/auth.go index 08ed5503a49..0aff2af3269 100644 --- a/service/kinesisvideomedia/auth.go +++ b/service/kinesisvideomedia/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/kinesisvideomedia/endpoints.go b/service/kinesisvideomedia/endpoints.go index f45a74cbe28..7cd882b09ef 100644 --- a/service/kinesisvideomedia/endpoints.go +++ b/service/kinesisvideomedia/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/kinesisvideomedia/options.go b/service/kinesisvideomedia/options.go index f8da0363744..6445157511b 100644 --- a/service/kinesisvideomedia/options.go +++ b/service/kinesisvideomedia/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/kinesisvideosignaling/api_client.go b/service/kinesisvideosignaling/api_client.go index abeb789548c..44143044c34 100644 --- a/service/kinesisvideosignaling/api_client.go +++ b/service/kinesisvideosignaling/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/kinesisvideosignaling/auth.go b/service/kinesisvideosignaling/auth.go index 33d74b57825..9f9a5582579 100644 --- a/service/kinesisvideosignaling/auth.go +++ b/service/kinesisvideosignaling/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/kinesisvideosignaling/endpoints.go b/service/kinesisvideosignaling/endpoints.go index 775e4688bdb..60335e3e83a 100644 --- a/service/kinesisvideosignaling/endpoints.go +++ b/service/kinesisvideosignaling/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/kinesisvideosignaling/options.go b/service/kinesisvideosignaling/options.go index adbe7cd35e6..2a6d49c994b 100644 --- a/service/kinesisvideosignaling/options.go +++ b/service/kinesisvideosignaling/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/kinesisvideowebrtcstorage/api_client.go b/service/kinesisvideowebrtcstorage/api_client.go index a8242ccb12b..e838fc38efd 100644 --- a/service/kinesisvideowebrtcstorage/api_client.go +++ b/service/kinesisvideowebrtcstorage/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/kinesisvideowebrtcstorage/auth.go b/service/kinesisvideowebrtcstorage/auth.go index 6ccefb2a3b0..3a9d87db40c 100644 --- a/service/kinesisvideowebrtcstorage/auth.go +++ b/service/kinesisvideowebrtcstorage/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/kinesisvideowebrtcstorage/endpoints.go b/service/kinesisvideowebrtcstorage/endpoints.go index 752c853c2f7..9dc609d5e03 100644 --- a/service/kinesisvideowebrtcstorage/endpoints.go +++ b/service/kinesisvideowebrtcstorage/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/kinesisvideowebrtcstorage/options.go b/service/kinesisvideowebrtcstorage/options.go index 31c132932f3..47354b31af2 100644 --- a/service/kinesisvideowebrtcstorage/options.go +++ b/service/kinesisvideowebrtcstorage/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/kms/api_client.go b/service/kms/api_client.go index d1af622670f..e2c5c794069 100644 --- a/service/kms/api_client.go +++ b/service/kms/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/kms/auth.go b/service/kms/auth.go index 16619a43751..fea1da697b4 100644 --- a/service/kms/auth.go +++ b/service/kms/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/kms/endpoints.go b/service/kms/endpoints.go index 0538b4ef969..28eba594e76 100644 --- a/service/kms/endpoints.go +++ b/service/kms/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/kms/options.go b/service/kms/options.go index b24e2565947..728883545ff 100644 --- a/service/kms/options.go +++ b/service/kms/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/lakeformation/api_client.go b/service/lakeformation/api_client.go index 53da5289e06..99400ecb29d 100644 --- a/service/lakeformation/api_client.go +++ b/service/lakeformation/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/lakeformation/auth.go b/service/lakeformation/auth.go index 7091cfcb8f3..264664f5ab9 100644 --- a/service/lakeformation/auth.go +++ b/service/lakeformation/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/lakeformation/endpoints.go b/service/lakeformation/endpoints.go index a4fdec742d0..9f14c6fe16d 100644 --- a/service/lakeformation/endpoints.go +++ b/service/lakeformation/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/lakeformation/options.go b/service/lakeformation/options.go index 012d57d12fa..1dbe5060062 100644 --- a/service/lakeformation/options.go +++ b/service/lakeformation/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/lambda/api_client.go b/service/lambda/api_client.go index 13b202fb74d..c2c293bfecd 100644 --- a/service/lambda/api_client.go +++ b/service/lambda/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -231,15 +232,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -430,6 +432,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/lambda/auth.go b/service/lambda/auth.go index 200f694bbba..5867a50cb80 100644 --- a/service/lambda/auth.go +++ b/service/lambda/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/lambda/endpoints.go b/service/lambda/endpoints.go index 0af3882c89a..193c985935a 100644 --- a/service/lambda/endpoints.go +++ b/service/lambda/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/lambda/options.go b/service/lambda/options.go index e76e46c8a01..c8b86cdf8b0 100644 --- a/service/lambda/options.go +++ b/service/lambda/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/launchwizard/api_client.go b/service/launchwizard/api_client.go index edeb3e75dc7..db9c5bcc7a7 100644 --- a/service/launchwizard/api_client.go +++ b/service/launchwizard/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/launchwizard/auth.go b/service/launchwizard/auth.go index 02543832307..b7c165bcc25 100644 --- a/service/launchwizard/auth.go +++ b/service/launchwizard/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/launchwizard/endpoints.go b/service/launchwizard/endpoints.go index 18335ddcb88..42768b4fd96 100644 --- a/service/launchwizard/endpoints.go +++ b/service/launchwizard/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/launchwizard/options.go b/service/launchwizard/options.go index a41eb676711..a18512d592a 100644 --- a/service/launchwizard/options.go +++ b/service/launchwizard/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/lexmodelbuildingservice/api_client.go b/service/lexmodelbuildingservice/api_client.go index 53088b6bfd9..cb388d36fb9 100644 --- a/service/lexmodelbuildingservice/api_client.go +++ b/service/lexmodelbuildingservice/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/lexmodelbuildingservice/auth.go b/service/lexmodelbuildingservice/auth.go index 855958233cd..024035e0e19 100644 --- a/service/lexmodelbuildingservice/auth.go +++ b/service/lexmodelbuildingservice/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/lexmodelbuildingservice/endpoints.go b/service/lexmodelbuildingservice/endpoints.go index 06abb2ee1a3..97a5b0288dc 100644 --- a/service/lexmodelbuildingservice/endpoints.go +++ b/service/lexmodelbuildingservice/endpoints.go @@ -515,7 +515,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -545,6 +545,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -554,7 +558,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/lexmodelbuildingservice/options.go b/service/lexmodelbuildingservice/options.go index 18157169360..ff9f098e075 100644 --- a/service/lexmodelbuildingservice/options.go +++ b/service/lexmodelbuildingservice/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/lexmodelsv2/api_client.go b/service/lexmodelsv2/api_client.go index 03d774e4259..8fd9d4894ea 100644 --- a/service/lexmodelsv2/api_client.go +++ b/service/lexmodelsv2/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/lexmodelsv2/auth.go b/service/lexmodelsv2/auth.go index 2e4a3cd17eb..9bae1890ae3 100644 --- a/service/lexmodelsv2/auth.go +++ b/service/lexmodelsv2/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/lexmodelsv2/endpoints.go b/service/lexmodelsv2/endpoints.go index 7f1a249dcf8..18b48724937 100644 --- a/service/lexmodelsv2/endpoints.go +++ b/service/lexmodelsv2/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/lexmodelsv2/options.go b/service/lexmodelsv2/options.go index a26948027ae..4ed355e812c 100644 --- a/service/lexmodelsv2/options.go +++ b/service/lexmodelsv2/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/lexruntimeservice/api_client.go b/service/lexruntimeservice/api_client.go index 019ba17822a..e4d6198d1a1 100644 --- a/service/lexruntimeservice/api_client.go +++ b/service/lexruntimeservice/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/lexruntimeservice/auth.go b/service/lexruntimeservice/auth.go index 7d399d0f393..a2dcea25f31 100644 --- a/service/lexruntimeservice/auth.go +++ b/service/lexruntimeservice/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -160,7 +160,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/lexruntimeservice/endpoints.go b/service/lexruntimeservice/endpoints.go index e21e8d7e6c8..1fe6b709cf2 100644 --- a/service/lexruntimeservice/endpoints.go +++ b/service/lexruntimeservice/endpoints.go @@ -515,7 +515,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -545,6 +545,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -554,7 +558,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/lexruntimeservice/options.go b/service/lexruntimeservice/options.go index adef318e20c..8f1c113d55d 100644 --- a/service/lexruntimeservice/options.go +++ b/service/lexruntimeservice/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/lexruntimev2/api_client.go b/service/lexruntimev2/api_client.go index ea81162288d..4ae46c9ff2d 100644 --- a/service/lexruntimev2/api_client.go +++ b/service/lexruntimev2/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -232,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -431,6 +433,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/lexruntimev2/auth.go b/service/lexruntimev2/auth.go index ae56fab8e1e..e4e50a6fdc8 100644 --- a/service/lexruntimev2/auth.go +++ b/service/lexruntimev2/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -160,7 +160,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/lexruntimev2/endpoints.go b/service/lexruntimev2/endpoints.go index c2cc0c059e1..e467882d4f1 100644 --- a/service/lexruntimev2/endpoints.go +++ b/service/lexruntimev2/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/lexruntimev2/options.go b/service/lexruntimev2/options.go index 9f4d6b480db..6004971f766 100644 --- a/service/lexruntimev2/options.go +++ b/service/lexruntimev2/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/licensemanager/api_client.go b/service/licensemanager/api_client.go index e3c31e05e57..9efaac8316f 100644 --- a/service/licensemanager/api_client.go +++ b/service/licensemanager/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/licensemanager/auth.go b/service/licensemanager/auth.go index d31986262d4..4f0cb6b7263 100644 --- a/service/licensemanager/auth.go +++ b/service/licensemanager/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/licensemanager/endpoints.go b/service/licensemanager/endpoints.go index 8544d3dab2b..8d03d9d2fef 100644 --- a/service/licensemanager/endpoints.go +++ b/service/licensemanager/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/licensemanager/options.go b/service/licensemanager/options.go index ee36a821e3c..5c17a0aa256 100644 --- a/service/licensemanager/options.go +++ b/service/licensemanager/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/licensemanagerlinuxsubscriptions/api_client.go b/service/licensemanagerlinuxsubscriptions/api_client.go index 7717700004c..03d79fed56e 100644 --- a/service/licensemanagerlinuxsubscriptions/api_client.go +++ b/service/licensemanagerlinuxsubscriptions/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/licensemanagerlinuxsubscriptions/auth.go b/service/licensemanagerlinuxsubscriptions/auth.go index 496c786519d..02078c930bd 100644 --- a/service/licensemanagerlinuxsubscriptions/auth.go +++ b/service/licensemanagerlinuxsubscriptions/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/licensemanagerlinuxsubscriptions/endpoints.go b/service/licensemanagerlinuxsubscriptions/endpoints.go index a16699e7071..ec41c252961 100644 --- a/service/licensemanagerlinuxsubscriptions/endpoints.go +++ b/service/licensemanagerlinuxsubscriptions/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/licensemanagerlinuxsubscriptions/options.go b/service/licensemanagerlinuxsubscriptions/options.go index c8dd48f8d40..df510110cff 100644 --- a/service/licensemanagerlinuxsubscriptions/options.go +++ b/service/licensemanagerlinuxsubscriptions/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/licensemanagerusersubscriptions/api_client.go b/service/licensemanagerusersubscriptions/api_client.go index 74dcf96df9c..d6a42fd760f 100644 --- a/service/licensemanagerusersubscriptions/api_client.go +++ b/service/licensemanagerusersubscriptions/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/licensemanagerusersubscriptions/auth.go b/service/licensemanagerusersubscriptions/auth.go index b9bd20f3bdd..7adf61462f6 100644 --- a/service/licensemanagerusersubscriptions/auth.go +++ b/service/licensemanagerusersubscriptions/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/licensemanagerusersubscriptions/endpoints.go b/service/licensemanagerusersubscriptions/endpoints.go index 2cd7222c10a..86a921a0816 100644 --- a/service/licensemanagerusersubscriptions/endpoints.go +++ b/service/licensemanagerusersubscriptions/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/licensemanagerusersubscriptions/options.go b/service/licensemanagerusersubscriptions/options.go index cdbf6317e85..fd3b0bff6d4 100644 --- a/service/licensemanagerusersubscriptions/options.go +++ b/service/licensemanagerusersubscriptions/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/lightsail/api_client.go b/service/lightsail/api_client.go index 044f62c4932..29644d755fa 100644 --- a/service/lightsail/api_client.go +++ b/service/lightsail/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/lightsail/auth.go b/service/lightsail/auth.go index ead0dd5f2fd..7d828de4cc3 100644 --- a/service/lightsail/auth.go +++ b/service/lightsail/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/lightsail/endpoints.go b/service/lightsail/endpoints.go index fb1bf128e26..847f96e03b1 100644 --- a/service/lightsail/endpoints.go +++ b/service/lightsail/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/lightsail/options.go b/service/lightsail/options.go index ec95be44fc2..5da5512b330 100644 --- a/service/lightsail/options.go +++ b/service/lightsail/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/location/api_client.go b/service/location/api_client.go index 2df8ba8a5eb..fa2999236c8 100644 --- a/service/location/api_client.go +++ b/service/location/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/location/auth.go b/service/location/auth.go index ed1aedaf4a6..a7d3ba8cf5b 100644 --- a/service/location/auth.go +++ b/service/location/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/location/endpoints.go b/service/location/endpoints.go index 84c111e236b..6de6847fe8d 100644 --- a/service/location/endpoints.go +++ b/service/location/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/location/options.go b/service/location/options.go index b2f09612356..fd353257aaf 100644 --- a/service/location/options.go +++ b/service/location/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/lookoutequipment/api_client.go b/service/lookoutequipment/api_client.go index 51e382cdebf..1fe36726b14 100644 --- a/service/lookoutequipment/api_client.go +++ b/service/lookoutequipment/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/lookoutequipment/auth.go b/service/lookoutequipment/auth.go index d15f3f05e4d..5f9977a4c74 100644 --- a/service/lookoutequipment/auth.go +++ b/service/lookoutequipment/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/lookoutequipment/endpoints.go b/service/lookoutequipment/endpoints.go index d9f066daf80..e79e55e047b 100644 --- a/service/lookoutequipment/endpoints.go +++ b/service/lookoutequipment/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/lookoutequipment/options.go b/service/lookoutequipment/options.go index dbb223aa037..540970b90b4 100644 --- a/service/lookoutequipment/options.go +++ b/service/lookoutequipment/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/lookoutmetrics/api_client.go b/service/lookoutmetrics/api_client.go index 99ebf1c1a07..f1e95f1817e 100644 --- a/service/lookoutmetrics/api_client.go +++ b/service/lookoutmetrics/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/lookoutmetrics/auth.go b/service/lookoutmetrics/auth.go index c2aef4c15d9..36ab5d78188 100644 --- a/service/lookoutmetrics/auth.go +++ b/service/lookoutmetrics/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/lookoutmetrics/endpoints.go b/service/lookoutmetrics/endpoints.go index 32c5fa523fa..b01f3fff92b 100644 --- a/service/lookoutmetrics/endpoints.go +++ b/service/lookoutmetrics/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/lookoutmetrics/options.go b/service/lookoutmetrics/options.go index 2438aeaa481..2199ee9e4f4 100644 --- a/service/lookoutmetrics/options.go +++ b/service/lookoutmetrics/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/lookoutvision/api_client.go b/service/lookoutvision/api_client.go index f8c1d6214fe..9dc2e845e71 100644 --- a/service/lookoutvision/api_client.go +++ b/service/lookoutvision/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/lookoutvision/auth.go b/service/lookoutvision/auth.go index c13d3ef3a71..0d8b1e84d5b 100644 --- a/service/lookoutvision/auth.go +++ b/service/lookoutvision/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/lookoutvision/endpoints.go b/service/lookoutvision/endpoints.go index a8cd3971ae2..5300186d4c1 100644 --- a/service/lookoutvision/endpoints.go +++ b/service/lookoutvision/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/lookoutvision/options.go b/service/lookoutvision/options.go index ba9ea96c772..13807e6f674 100644 --- a/service/lookoutvision/options.go +++ b/service/lookoutvision/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/m2/api_client.go b/service/m2/api_client.go index b5ed62e95f0..10b2a9f016f 100644 --- a/service/m2/api_client.go +++ b/service/m2/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/m2/auth.go b/service/m2/auth.go index b0ca0a88579..4d48b878da9 100644 --- a/service/m2/auth.go +++ b/service/m2/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/m2/endpoints.go b/service/m2/endpoints.go index 6b337737c16..7e31a07b42f 100644 --- a/service/m2/endpoints.go +++ b/service/m2/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/m2/options.go b/service/m2/options.go index eaa056a41d4..fd504c45b2e 100644 --- a/service/m2/options.go +++ b/service/m2/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/machinelearning/api_client.go b/service/machinelearning/api_client.go index d4aa4264e49..5ade787a2ac 100644 --- a/service/machinelearning/api_client.go +++ b/service/machinelearning/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/machinelearning/auth.go b/service/machinelearning/auth.go index b43ad6a0989..a32f178776f 100644 --- a/service/machinelearning/auth.go +++ b/service/machinelearning/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/machinelearning/endpoints.go b/service/machinelearning/endpoints.go index 69c28ba5014..7f7d92d1696 100644 --- a/service/machinelearning/endpoints.go +++ b/service/machinelearning/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/machinelearning/options.go b/service/machinelearning/options.go index daf5223a2f6..68db3669be9 100644 --- a/service/machinelearning/options.go +++ b/service/machinelearning/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/macie2/api_client.go b/service/macie2/api_client.go index 0bf2e931cc2..a497eff5749 100644 --- a/service/macie2/api_client.go +++ b/service/macie2/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/macie2/auth.go b/service/macie2/auth.go index b383ee11f22..6bd84005d43 100644 --- a/service/macie2/auth.go +++ b/service/macie2/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/macie2/endpoints.go b/service/macie2/endpoints.go index 53a35328dee..8e4ef6c7d7e 100644 --- a/service/macie2/endpoints.go +++ b/service/macie2/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/macie2/options.go b/service/macie2/options.go index bf8cee97437..afc06663273 100644 --- a/service/macie2/options.go +++ b/service/macie2/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/managedblockchain/api_client.go b/service/managedblockchain/api_client.go index 1e298400fa4..870ccfa38c1 100644 --- a/service/managedblockchain/api_client.go +++ b/service/managedblockchain/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/managedblockchain/auth.go b/service/managedblockchain/auth.go index 6bb7ffb526c..58b1899cff2 100644 --- a/service/managedblockchain/auth.go +++ b/service/managedblockchain/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/managedblockchain/endpoints.go b/service/managedblockchain/endpoints.go index 0ef23158815..bd5ec643b32 100644 --- a/service/managedblockchain/endpoints.go +++ b/service/managedblockchain/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/managedblockchain/options.go b/service/managedblockchain/options.go index d6b01206e49..99101296451 100644 --- a/service/managedblockchain/options.go +++ b/service/managedblockchain/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/managedblockchainquery/api_client.go b/service/managedblockchainquery/api_client.go index fc2c5ad82e2..3522fc6180c 100644 --- a/service/managedblockchainquery/api_client.go +++ b/service/managedblockchainquery/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/managedblockchainquery/auth.go b/service/managedblockchainquery/auth.go index 64a0ee71614..26fdf1fd506 100644 --- a/service/managedblockchainquery/auth.go +++ b/service/managedblockchainquery/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/managedblockchainquery/endpoints.go b/service/managedblockchainquery/endpoints.go index 749fcc2ac10..79d87ee2d4f 100644 --- a/service/managedblockchainquery/endpoints.go +++ b/service/managedblockchainquery/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/managedblockchainquery/options.go b/service/managedblockchainquery/options.go index 8738f17a254..4ec4e8ef646 100644 --- a/service/managedblockchainquery/options.go +++ b/service/managedblockchainquery/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/marketplaceagreement/api_client.go b/service/marketplaceagreement/api_client.go index 7f31cb35e23..c97f70f8ad2 100644 --- a/service/marketplaceagreement/api_client.go +++ b/service/marketplaceagreement/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/marketplaceagreement/auth.go b/service/marketplaceagreement/auth.go index e1158bbbfc5..6baf96ced22 100644 --- a/service/marketplaceagreement/auth.go +++ b/service/marketplaceagreement/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/marketplaceagreement/endpoints.go b/service/marketplaceagreement/endpoints.go index 222ab02977c..a1cced8a6ba 100644 --- a/service/marketplaceagreement/endpoints.go +++ b/service/marketplaceagreement/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/marketplaceagreement/options.go b/service/marketplaceagreement/options.go index 9ee60337932..09fabff0bf4 100644 --- a/service/marketplaceagreement/options.go +++ b/service/marketplaceagreement/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/marketplacecatalog/api_client.go b/service/marketplacecatalog/api_client.go index a94eff98f03..8971bef391a 100644 --- a/service/marketplacecatalog/api_client.go +++ b/service/marketplacecatalog/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/marketplacecatalog/auth.go b/service/marketplacecatalog/auth.go index 98603fa0055..3027a18c9b1 100644 --- a/service/marketplacecatalog/auth.go +++ b/service/marketplacecatalog/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/marketplacecatalog/endpoints.go b/service/marketplacecatalog/endpoints.go index 4e09bf38b86..c4f60b4d56d 100644 --- a/service/marketplacecatalog/endpoints.go +++ b/service/marketplacecatalog/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/marketplacecatalog/options.go b/service/marketplacecatalog/options.go index 8b1efa9bf6c..6e6ad547bd2 100644 --- a/service/marketplacecatalog/options.go +++ b/service/marketplacecatalog/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/marketplacecommerceanalytics/api_client.go b/service/marketplacecommerceanalytics/api_client.go index f4737961f1f..2e0104b070a 100644 --- a/service/marketplacecommerceanalytics/api_client.go +++ b/service/marketplacecommerceanalytics/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/marketplacecommerceanalytics/auth.go b/service/marketplacecommerceanalytics/auth.go index f72a1ed55b5..e2a49d4c18a 100644 --- a/service/marketplacecommerceanalytics/auth.go +++ b/service/marketplacecommerceanalytics/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/marketplacecommerceanalytics/endpoints.go b/service/marketplacecommerceanalytics/endpoints.go index b2967415c94..6107bf83748 100644 --- a/service/marketplacecommerceanalytics/endpoints.go +++ b/service/marketplacecommerceanalytics/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/marketplacecommerceanalytics/options.go b/service/marketplacecommerceanalytics/options.go index 1330c0fc695..b128f25ac0f 100644 --- a/service/marketplacecommerceanalytics/options.go +++ b/service/marketplacecommerceanalytics/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/marketplacedeployment/api_client.go b/service/marketplacedeployment/api_client.go index bff64b9f55c..cd199994775 100644 --- a/service/marketplacedeployment/api_client.go +++ b/service/marketplacedeployment/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/marketplacedeployment/auth.go b/service/marketplacedeployment/auth.go index 6081e5a7ee2..13bf55bcb51 100644 --- a/service/marketplacedeployment/auth.go +++ b/service/marketplacedeployment/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/marketplacedeployment/endpoints.go b/service/marketplacedeployment/endpoints.go index 084d0800395..700412180b1 100644 --- a/service/marketplacedeployment/endpoints.go +++ b/service/marketplacedeployment/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/marketplacedeployment/options.go b/service/marketplacedeployment/options.go index 8389de8c430..7f72aeb691f 100644 --- a/service/marketplacedeployment/options.go +++ b/service/marketplacedeployment/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/marketplaceentitlementservice/api_client.go b/service/marketplaceentitlementservice/api_client.go index 36162952e35..bb5931bf6d6 100644 --- a/service/marketplaceentitlementservice/api_client.go +++ b/service/marketplaceentitlementservice/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/marketplaceentitlementservice/auth.go b/service/marketplaceentitlementservice/auth.go index f75c7f9d95a..1a0046774d3 100644 --- a/service/marketplaceentitlementservice/auth.go +++ b/service/marketplaceentitlementservice/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/marketplaceentitlementservice/endpoints.go b/service/marketplaceentitlementservice/endpoints.go index 584121f1218..b83cfe98ee5 100644 --- a/service/marketplaceentitlementservice/endpoints.go +++ b/service/marketplaceentitlementservice/endpoints.go @@ -458,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,6 +488,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/marketplaceentitlementservice/options.go b/service/marketplaceentitlementservice/options.go index c2184e89dfb..2e8f759ee93 100644 --- a/service/marketplaceentitlementservice/options.go +++ b/service/marketplaceentitlementservice/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/marketplacemetering/api_client.go b/service/marketplacemetering/api_client.go index fcee0835df1..2fff344ca8a 100644 --- a/service/marketplacemetering/api_client.go +++ b/service/marketplacemetering/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/marketplacemetering/auth.go b/service/marketplacemetering/auth.go index c1bf21503b1..0b7bd593fce 100644 --- a/service/marketplacemetering/auth.go +++ b/service/marketplacemetering/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/marketplacemetering/endpoints.go b/service/marketplacemetering/endpoints.go index 6f24a81c2bf..04019bc5bfa 100644 --- a/service/marketplacemetering/endpoints.go +++ b/service/marketplacemetering/endpoints.go @@ -477,7 +477,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -507,6 +507,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -516,7 +520,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/marketplacemetering/options.go b/service/marketplacemetering/options.go index 37da8e25dcc..e9892371904 100644 --- a/service/marketplacemetering/options.go +++ b/service/marketplacemetering/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/mediaconnect/api_client.go b/service/mediaconnect/api_client.go index 9ac8bbee459..fbbd33a4164 100644 --- a/service/mediaconnect/api_client.go +++ b/service/mediaconnect/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/mediaconnect/auth.go b/service/mediaconnect/auth.go index 4df5cfc35e8..d8e9bd353b5 100644 --- a/service/mediaconnect/auth.go +++ b/service/mediaconnect/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/mediaconnect/endpoints.go b/service/mediaconnect/endpoints.go index 714175918f0..c00fae69191 100644 --- a/service/mediaconnect/endpoints.go +++ b/service/mediaconnect/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/mediaconnect/options.go b/service/mediaconnect/options.go index ee6b25da336..e74c740cded 100644 --- a/service/mediaconnect/options.go +++ b/service/mediaconnect/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/mediaconvert/api_client.go b/service/mediaconvert/api_client.go index daa31c39223..4d1037f9dd3 100644 --- a/service/mediaconvert/api_client.go +++ b/service/mediaconvert/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/mediaconvert/auth.go b/service/mediaconvert/auth.go index f82fcebb752..85f36c7e999 100644 --- a/service/mediaconvert/auth.go +++ b/service/mediaconvert/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/mediaconvert/endpoints.go b/service/mediaconvert/endpoints.go index 12a69bc1ad0..fb988ac51b8 100644 --- a/service/mediaconvert/endpoints.go +++ b/service/mediaconvert/endpoints.go @@ -471,7 +471,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -501,6 +501,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -510,7 +514,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/mediaconvert/options.go b/service/mediaconvert/options.go index 4fe061edf71..ce1452ec1a5 100644 --- a/service/mediaconvert/options.go +++ b/service/mediaconvert/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/medialive/api_client.go b/service/medialive/api_client.go index f44853ad5ed..7026e7d4904 100644 --- a/service/medialive/api_client.go +++ b/service/medialive/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/medialive/auth.go b/service/medialive/auth.go index 46fb5302d22..58daabc0fde 100644 --- a/service/medialive/auth.go +++ b/service/medialive/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/medialive/endpoints.go b/service/medialive/endpoints.go index 6747f6d5094..3ccdcb76d1c 100644 --- a/service/medialive/endpoints.go +++ b/service/medialive/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/medialive/options.go b/service/medialive/options.go index ec81cc5dee8..bbdd686453e 100644 --- a/service/medialive/options.go +++ b/service/medialive/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/mediapackage/api_client.go b/service/mediapackage/api_client.go index 8b0165e9f20..b2fdd885bbd 100644 --- a/service/mediapackage/api_client.go +++ b/service/mediapackage/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/mediapackage/auth.go b/service/mediapackage/auth.go index c0c4052adc4..a68bc259857 100644 --- a/service/mediapackage/auth.go +++ b/service/mediapackage/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/mediapackage/endpoints.go b/service/mediapackage/endpoints.go index 7ceaab9f193..0842fb1477c 100644 --- a/service/mediapackage/endpoints.go +++ b/service/mediapackage/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/mediapackage/options.go b/service/mediapackage/options.go index 39ec32fa1d3..a0908248ce6 100644 --- a/service/mediapackage/options.go +++ b/service/mediapackage/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/mediapackagev2/api_client.go b/service/mediapackagev2/api_client.go index 7760163f498..be0711a1aa7 100644 --- a/service/mediapackagev2/api_client.go +++ b/service/mediapackagev2/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/mediapackagev2/auth.go b/service/mediapackagev2/auth.go index 27bb7dc022e..253e786869f 100644 --- a/service/mediapackagev2/auth.go +++ b/service/mediapackagev2/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/mediapackagev2/endpoints.go b/service/mediapackagev2/endpoints.go index 9fc9c51dce6..4146089cc47 100644 --- a/service/mediapackagev2/endpoints.go +++ b/service/mediapackagev2/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/mediapackagev2/options.go b/service/mediapackagev2/options.go index 1675fdc9ee6..d2a872ec68f 100644 --- a/service/mediapackagev2/options.go +++ b/service/mediapackagev2/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/mediapackagevod/api_client.go b/service/mediapackagevod/api_client.go index cca6e4fe24f..c757c48c502 100644 --- a/service/mediapackagevod/api_client.go +++ b/service/mediapackagevod/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/mediapackagevod/auth.go b/service/mediapackagevod/auth.go index 11fbafdc5e2..6b63a7945f7 100644 --- a/service/mediapackagevod/auth.go +++ b/service/mediapackagevod/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/mediapackagevod/endpoints.go b/service/mediapackagevod/endpoints.go index dfab9252ff8..f5392edf7e6 100644 --- a/service/mediapackagevod/endpoints.go +++ b/service/mediapackagevod/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/mediapackagevod/options.go b/service/mediapackagevod/options.go index c442d68e51b..cc54c374e1f 100644 --- a/service/mediapackagevod/options.go +++ b/service/mediapackagevod/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/mediastore/api_client.go b/service/mediastore/api_client.go index 7d7beff274b..dd49e6c1d7d 100644 --- a/service/mediastore/api_client.go +++ b/service/mediastore/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/mediastore/auth.go b/service/mediastore/auth.go index 9c4b4f065e2..ce2d149dc7c 100644 --- a/service/mediastore/auth.go +++ b/service/mediastore/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/mediastore/endpoints.go b/service/mediastore/endpoints.go index 4caf3f4d7cd..c3641d0d19d 100644 --- a/service/mediastore/endpoints.go +++ b/service/mediastore/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/mediastore/options.go b/service/mediastore/options.go index eb2dfdac997..990cd5ae7df 100644 --- a/service/mediastore/options.go +++ b/service/mediastore/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/mediastoredata/api_client.go b/service/mediastoredata/api_client.go index 87910bd1e6c..d178b6388b9 100644 --- a/service/mediastoredata/api_client.go +++ b/service/mediastoredata/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/mediastoredata/auth.go b/service/mediastoredata/auth.go index 5a1fd4fe886..2133ec9ca2a 100644 --- a/service/mediastoredata/auth.go +++ b/service/mediastoredata/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -160,7 +160,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/mediastoredata/endpoints.go b/service/mediastoredata/endpoints.go index 87419ddaede..315876da6a9 100644 --- a/service/mediastoredata/endpoints.go +++ b/service/mediastoredata/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/mediastoredata/options.go b/service/mediastoredata/options.go index dc72f32ff42..4263af3afd5 100644 --- a/service/mediastoredata/options.go +++ b/service/mediastoredata/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/mediatailor/api_client.go b/service/mediatailor/api_client.go index 7d4ed37034b..20b06acb0ba 100644 --- a/service/mediatailor/api_client.go +++ b/service/mediatailor/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/mediatailor/auth.go b/service/mediatailor/auth.go index 4d3bf974c6a..85114d20e3d 100644 --- a/service/mediatailor/auth.go +++ b/service/mediatailor/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/mediatailor/endpoints.go b/service/mediatailor/endpoints.go index 03c305b96a8..50aa4794c77 100644 --- a/service/mediatailor/endpoints.go +++ b/service/mediatailor/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/mediatailor/options.go b/service/mediatailor/options.go index 6a54a999684..4219036ba78 100644 --- a/service/mediatailor/options.go +++ b/service/mediatailor/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/medicalimaging/api_client.go b/service/medicalimaging/api_client.go index cdead324fbe..81a7213fd72 100644 --- a/service/medicalimaging/api_client.go +++ b/service/medicalimaging/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/medicalimaging/auth.go b/service/medicalimaging/auth.go index 1650413683e..3a4dc9a7032 100644 --- a/service/medicalimaging/auth.go +++ b/service/medicalimaging/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/medicalimaging/endpoints.go b/service/medicalimaging/endpoints.go index f3517227e7e..0e3d42a3a48 100644 --- a/service/medicalimaging/endpoints.go +++ b/service/medicalimaging/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/medicalimaging/options.go b/service/medicalimaging/options.go index e58a40aff2c..c83eb87f344 100644 --- a/service/medicalimaging/options.go +++ b/service/medicalimaging/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/memorydb/api_client.go b/service/memorydb/api_client.go index c74e8a286d4..a85c5962c6b 100644 --- a/service/memorydb/api_client.go +++ b/service/memorydb/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/memorydb/auth.go b/service/memorydb/auth.go index 9ea7dc9d2b7..2dad9488456 100644 --- a/service/memorydb/auth.go +++ b/service/memorydb/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/memorydb/endpoints.go b/service/memorydb/endpoints.go index c9c2d4f8a9d..357b0f0e498 100644 --- a/service/memorydb/endpoints.go +++ b/service/memorydb/endpoints.go @@ -470,7 +470,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -500,6 +500,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -509,7 +513,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/memorydb/options.go b/service/memorydb/options.go index 8f1b5c652a2..ac23361a3ed 100644 --- a/service/memorydb/options.go +++ b/service/memorydb/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/mgn/api_client.go b/service/mgn/api_client.go index f5ec7e498d0..f0a47ba8339 100644 --- a/service/mgn/api_client.go +++ b/service/mgn/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/mgn/auth.go b/service/mgn/auth.go index 033ec36a96a..a981b9c0159 100644 --- a/service/mgn/auth.go +++ b/service/mgn/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/mgn/endpoints.go b/service/mgn/endpoints.go index d2e114d35c5..b0afc471e8d 100644 --- a/service/mgn/endpoints.go +++ b/service/mgn/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/mgn/options.go b/service/mgn/options.go index a9c905a99dc..0bfd65e0fda 100644 --- a/service/mgn/options.go +++ b/service/mgn/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/migrationhub/api_client.go b/service/migrationhub/api_client.go index dc6d33a9adf..48877d5c5eb 100644 --- a/service/migrationhub/api_client.go +++ b/service/migrationhub/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/migrationhub/auth.go b/service/migrationhub/auth.go index d89541b35d6..afbfc43c403 100644 --- a/service/migrationhub/auth.go +++ b/service/migrationhub/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/migrationhub/endpoints.go b/service/migrationhub/endpoints.go index 15ba8c0f640..5404dcf8c67 100644 --- a/service/migrationhub/endpoints.go +++ b/service/migrationhub/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/migrationhub/options.go b/service/migrationhub/options.go index 63b9a730057..86a3c968442 100644 --- a/service/migrationhub/options.go +++ b/service/migrationhub/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/migrationhubconfig/api_client.go b/service/migrationhubconfig/api_client.go index 1e18de4f824..3b5a3961167 100644 --- a/service/migrationhubconfig/api_client.go +++ b/service/migrationhubconfig/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/migrationhubconfig/auth.go b/service/migrationhubconfig/auth.go index 267a296e096..395cc27681d 100644 --- a/service/migrationhubconfig/auth.go +++ b/service/migrationhubconfig/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/migrationhubconfig/endpoints.go b/service/migrationhubconfig/endpoints.go index d5bffddbe4a..72335a17a0d 100644 --- a/service/migrationhubconfig/endpoints.go +++ b/service/migrationhubconfig/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/migrationhubconfig/options.go b/service/migrationhubconfig/options.go index e769426399a..0ff1a8e291e 100644 --- a/service/migrationhubconfig/options.go +++ b/service/migrationhubconfig/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/migrationhuborchestrator/api_client.go b/service/migrationhuborchestrator/api_client.go index 2490eefc969..5f73cd00365 100644 --- a/service/migrationhuborchestrator/api_client.go +++ b/service/migrationhuborchestrator/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/migrationhuborchestrator/auth.go b/service/migrationhuborchestrator/auth.go index dc6fe954b50..dd65a04ed67 100644 --- a/service/migrationhuborchestrator/auth.go +++ b/service/migrationhuborchestrator/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/migrationhuborchestrator/endpoints.go b/service/migrationhuborchestrator/endpoints.go index cf2a0dc7c0f..ce91d342591 100644 --- a/service/migrationhuborchestrator/endpoints.go +++ b/service/migrationhuborchestrator/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/migrationhuborchestrator/options.go b/service/migrationhuborchestrator/options.go index 99e3e91c710..f9449a6bb07 100644 --- a/service/migrationhuborchestrator/options.go +++ b/service/migrationhuborchestrator/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/migrationhubrefactorspaces/api_client.go b/service/migrationhubrefactorspaces/api_client.go index c1a5ac35d41..a61b428f0b5 100644 --- a/service/migrationhubrefactorspaces/api_client.go +++ b/service/migrationhubrefactorspaces/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/migrationhubrefactorspaces/auth.go b/service/migrationhubrefactorspaces/auth.go index 79884622158..32030142a49 100644 --- a/service/migrationhubrefactorspaces/auth.go +++ b/service/migrationhubrefactorspaces/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/migrationhubrefactorspaces/endpoints.go b/service/migrationhubrefactorspaces/endpoints.go index 6e6d45c549f..455ef1c0eb9 100644 --- a/service/migrationhubrefactorspaces/endpoints.go +++ b/service/migrationhubrefactorspaces/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/migrationhubrefactorspaces/options.go b/service/migrationhubrefactorspaces/options.go index dc47d3edcc7..a7abbe6c369 100644 --- a/service/migrationhubrefactorspaces/options.go +++ b/service/migrationhubrefactorspaces/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/migrationhubstrategy/api_client.go b/service/migrationhubstrategy/api_client.go index e02e10bd6cf..ec1e343cc9a 100644 --- a/service/migrationhubstrategy/api_client.go +++ b/service/migrationhubstrategy/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/migrationhubstrategy/auth.go b/service/migrationhubstrategy/auth.go index c26be3e35df..2a2edee6545 100644 --- a/service/migrationhubstrategy/auth.go +++ b/service/migrationhubstrategy/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/migrationhubstrategy/endpoints.go b/service/migrationhubstrategy/endpoints.go index 8913f590413..d46e3d83c67 100644 --- a/service/migrationhubstrategy/endpoints.go +++ b/service/migrationhubstrategy/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/migrationhubstrategy/options.go b/service/migrationhubstrategy/options.go index 988fd79ade1..45d0d2d9549 100644 --- a/service/migrationhubstrategy/options.go +++ b/service/migrationhubstrategy/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/mobile/api_client.go b/service/mobile/api_client.go index 86e53f7f4a3..e8d9b173546 100644 --- a/service/mobile/api_client.go +++ b/service/mobile/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/mobile/auth.go b/service/mobile/auth.go index 0359b30e4ec..9adadfc75c9 100644 --- a/service/mobile/auth.go +++ b/service/mobile/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/mobile/endpoints.go b/service/mobile/endpoints.go index 787d1a6ca30..20a9d9ba9da 100644 --- a/service/mobile/endpoints.go +++ b/service/mobile/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/mobile/options.go b/service/mobile/options.go index 6d00135e699..51bf301c217 100644 --- a/service/mobile/options.go +++ b/service/mobile/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/mq/api_client.go b/service/mq/api_client.go index 9007e3b28fd..e1aae91f32f 100644 --- a/service/mq/api_client.go +++ b/service/mq/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/mq/auth.go b/service/mq/auth.go index b4bd0b92966..08b2ddfb51b 100644 --- a/service/mq/auth.go +++ b/service/mq/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/mq/endpoints.go b/service/mq/endpoints.go index cf8e2d3c097..e8e69585411 100644 --- a/service/mq/endpoints.go +++ b/service/mq/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/mq/options.go b/service/mq/options.go index 8f7eb0483e4..064f03936bf 100644 --- a/service/mq/options.go +++ b/service/mq/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/mturk/api_client.go b/service/mturk/api_client.go index f99e2dc0611..5712cda5bf1 100644 --- a/service/mturk/api_client.go +++ b/service/mturk/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/mturk/auth.go b/service/mturk/auth.go index 5ab097b2808..4a3141f6065 100644 --- a/service/mturk/auth.go +++ b/service/mturk/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/mturk/endpoints.go b/service/mturk/endpoints.go index f0dc2071be6..39bc9585639 100644 --- a/service/mturk/endpoints.go +++ b/service/mturk/endpoints.go @@ -452,7 +452,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -482,6 +482,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -491,7 +495,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/mturk/options.go b/service/mturk/options.go index a3035071e59..29a58949c96 100644 --- a/service/mturk/options.go +++ b/service/mturk/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/mwaa/api_client.go b/service/mwaa/api_client.go index 8586f146941..227cf86d971 100644 --- a/service/mwaa/api_client.go +++ b/service/mwaa/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/mwaa/auth.go b/service/mwaa/auth.go index 06e66fb967b..653577f835d 100644 --- a/service/mwaa/auth.go +++ b/service/mwaa/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/mwaa/endpoints.go b/service/mwaa/endpoints.go index eabfc44c9ba..9ecc2eb6cb6 100644 --- a/service/mwaa/endpoints.go +++ b/service/mwaa/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/mwaa/options.go b/service/mwaa/options.go index 406e538271a..8275105362c 100644 --- a/service/mwaa/options.go +++ b/service/mwaa/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/neptune/api_client.go b/service/neptune/api_client.go index a56c87a9fac..3ef196d1753 100644 --- a/service/neptune/api_client.go +++ b/service/neptune/api_client.go @@ -18,6 +18,7 @@ import ( acceptencodingcust "github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding" presignedurlcust "github.com/aws/aws-sdk-go-v2/service/internal/presigned-url" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -232,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -431,6 +433,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/neptune/auth.go b/service/neptune/auth.go index ca9d419446f..961ca98a77f 100644 --- a/service/neptune/auth.go +++ b/service/neptune/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/neptune/endpoints.go b/service/neptune/endpoints.go index 699a665457a..8b6edc748a9 100644 --- a/service/neptune/endpoints.go +++ b/service/neptune/endpoints.go @@ -458,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,6 +488,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/neptune/options.go b/service/neptune/options.go index 2ca079c69a3..3a292c677ef 100644 --- a/service/neptune/options.go +++ b/service/neptune/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/neptunedata/api_client.go b/service/neptunedata/api_client.go index 6ac9b95908f..71b03f1445b 100644 --- a/service/neptunedata/api_client.go +++ b/service/neptunedata/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/neptunedata/auth.go b/service/neptunedata/auth.go index 92a6c9c0527..7fd7ca3f53b 100644 --- a/service/neptunedata/auth.go +++ b/service/neptunedata/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/neptunedata/endpoints.go b/service/neptunedata/endpoints.go index eb372cf40de..6b2a2ece2f3 100644 --- a/service/neptunedata/endpoints.go +++ b/service/neptunedata/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/neptunedata/options.go b/service/neptunedata/options.go index 447aae298a4..472236396bb 100644 --- a/service/neptunedata/options.go +++ b/service/neptunedata/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/neptunegraph/api_client.go b/service/neptunegraph/api_client.go index 9d939edaf81..4c1bdc64d85 100644 --- a/service/neptunegraph/api_client.go +++ b/service/neptunegraph/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/neptunegraph/auth.go b/service/neptunegraph/auth.go index c5409c12fcf..cbd64373521 100644 --- a/service/neptunegraph/auth.go +++ b/service/neptunegraph/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/neptunegraph/endpoints.go b/service/neptunegraph/endpoints.go index ba354e69cda..11040e4d939 100644 --- a/service/neptunegraph/endpoints.go +++ b/service/neptunegraph/endpoints.go @@ -504,7 +504,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -534,6 +534,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -543,7 +547,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/neptunegraph/options.go b/service/neptunegraph/options.go index 846efcca619..564f35d8868 100644 --- a/service/neptunegraph/options.go +++ b/service/neptunegraph/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/networkfirewall/api_client.go b/service/networkfirewall/api_client.go index 41c436676fb..dcebfd246db 100644 --- a/service/networkfirewall/api_client.go +++ b/service/networkfirewall/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/networkfirewall/auth.go b/service/networkfirewall/auth.go index 1b9402e8cc9..bc775e9fb50 100644 --- a/service/networkfirewall/auth.go +++ b/service/networkfirewall/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/networkfirewall/endpoints.go b/service/networkfirewall/endpoints.go index 122be24642a..7a6d6e3b27e 100644 --- a/service/networkfirewall/endpoints.go +++ b/service/networkfirewall/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/networkfirewall/options.go b/service/networkfirewall/options.go index 062e8dc6628..a2d50218620 100644 --- a/service/networkfirewall/options.go +++ b/service/networkfirewall/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/networkmanager/api_client.go b/service/networkmanager/api_client.go index 4c22e95584b..1e504688592 100644 --- a/service/networkmanager/api_client.go +++ b/service/networkmanager/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/networkmanager/auth.go b/service/networkmanager/auth.go index 93a4a98aff4..059516ee0ab 100644 --- a/service/networkmanager/auth.go +++ b/service/networkmanager/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/networkmanager/endpoints.go b/service/networkmanager/endpoints.go index 91d0b91d051..c13cda1f20b 100644 --- a/service/networkmanager/endpoints.go +++ b/service/networkmanager/endpoints.go @@ -508,7 +508,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -538,6 +538,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -547,7 +551,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/networkmanager/options.go b/service/networkmanager/options.go index c3a80a8f19f..2ef272c81c9 100644 --- a/service/networkmanager/options.go +++ b/service/networkmanager/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/networkmonitor/api_client.go b/service/networkmonitor/api_client.go index 02e2d8f5d83..499cc57fc10 100644 --- a/service/networkmonitor/api_client.go +++ b/service/networkmonitor/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/networkmonitor/auth.go b/service/networkmonitor/auth.go index 4e8dbcd26eb..916e3d00efe 100644 --- a/service/networkmonitor/auth.go +++ b/service/networkmonitor/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/networkmonitor/endpoints.go b/service/networkmonitor/endpoints.go index 88141f9cec5..f86e340dff3 100644 --- a/service/networkmonitor/endpoints.go +++ b/service/networkmonitor/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/networkmonitor/options.go b/service/networkmonitor/options.go index 90427c15d77..968fe209480 100644 --- a/service/networkmonitor/options.go +++ b/service/networkmonitor/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/nimble/api_client.go b/service/nimble/api_client.go index 355c015e228..44975f2b7fe 100644 --- a/service/nimble/api_client.go +++ b/service/nimble/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/nimble/auth.go b/service/nimble/auth.go index a132e9880ab..18fe4c1f70c 100644 --- a/service/nimble/auth.go +++ b/service/nimble/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/nimble/endpoints.go b/service/nimble/endpoints.go index 0b7aecabfc8..0934b4a258d 100644 --- a/service/nimble/endpoints.go +++ b/service/nimble/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/nimble/options.go b/service/nimble/options.go index d839d14c433..5e6e7d42948 100644 --- a/service/nimble/options.go +++ b/service/nimble/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/oam/api_client.go b/service/oam/api_client.go index 5a356fa9614..50f32930476 100644 --- a/service/oam/api_client.go +++ b/service/oam/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/oam/auth.go b/service/oam/auth.go index 7f45f8d46ab..fc74c0a04e3 100644 --- a/service/oam/auth.go +++ b/service/oam/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/oam/endpoints.go b/service/oam/endpoints.go index 331f5e1b7e5..d08cac1588e 100644 --- a/service/oam/endpoints.go +++ b/service/oam/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/oam/options.go b/service/oam/options.go index 24180adaa4e..e4875ff529e 100644 --- a/service/oam/options.go +++ b/service/oam/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/omics/api_client.go b/service/omics/api_client.go index 08ba6cf5462..3905884b64f 100644 --- a/service/omics/api_client.go +++ b/service/omics/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/omics/auth.go b/service/omics/auth.go index 83a846acccf..beadb3c9bfe 100644 --- a/service/omics/auth.go +++ b/service/omics/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -160,7 +160,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/omics/endpoints.go b/service/omics/endpoints.go index ad32ab91189..5e06ba5f777 100644 --- a/service/omics/endpoints.go +++ b/service/omics/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/omics/options.go b/service/omics/options.go index 2f58759c3b9..8825f71ef74 100644 --- a/service/omics/options.go +++ b/service/omics/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/opensearch/api_client.go b/service/opensearch/api_client.go index c421bcdf014..81249f5a34f 100644 --- a/service/opensearch/api_client.go +++ b/service/opensearch/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/opensearch/auth.go b/service/opensearch/auth.go index 8b5a30b77a8..72ee61023d8 100644 --- a/service/opensearch/auth.go +++ b/service/opensearch/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/opensearch/endpoints.go b/service/opensearch/endpoints.go index 365040b50d6..2b387447e19 100644 --- a/service/opensearch/endpoints.go +++ b/service/opensearch/endpoints.go @@ -496,7 +496,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -526,6 +526,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -535,7 +539,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/opensearch/options.go b/service/opensearch/options.go index e2478fcd762..5f3a2fd07ff 100644 --- a/service/opensearch/options.go +++ b/service/opensearch/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/opensearchserverless/api_client.go b/service/opensearchserverless/api_client.go index f4fa44027b2..376bf094a11 100644 --- a/service/opensearchserverless/api_client.go +++ b/service/opensearchserverless/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/opensearchserverless/auth.go b/service/opensearchserverless/auth.go index 9d7c3cccb76..4135b8577e7 100644 --- a/service/opensearchserverless/auth.go +++ b/service/opensearchserverless/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/opensearchserverless/endpoints.go b/service/opensearchserverless/endpoints.go index 13b99ae1596..74f2fd0e9fe 100644 --- a/service/opensearchserverless/endpoints.go +++ b/service/opensearchserverless/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/opensearchserverless/options.go b/service/opensearchserverless/options.go index 5ae7820a093..7a058d8f776 100644 --- a/service/opensearchserverless/options.go +++ b/service/opensearchserverless/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/opsworks/api_client.go b/service/opsworks/api_client.go index 3b85b3cd7aa..adfab161292 100644 --- a/service/opsworks/api_client.go +++ b/service/opsworks/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/opsworks/auth.go b/service/opsworks/auth.go index e276062caab..e9742dc0827 100644 --- a/service/opsworks/auth.go +++ b/service/opsworks/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/opsworks/endpoints.go b/service/opsworks/endpoints.go index f3dd8e1d4f1..997a845df21 100644 --- a/service/opsworks/endpoints.go +++ b/service/opsworks/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/opsworks/options.go b/service/opsworks/options.go index 2f822c32416..04386c103cc 100644 --- a/service/opsworks/options.go +++ b/service/opsworks/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/opsworkscm/api_client.go b/service/opsworkscm/api_client.go index 606b51f6483..2fd125d5045 100644 --- a/service/opsworkscm/api_client.go +++ b/service/opsworkscm/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/opsworkscm/auth.go b/service/opsworkscm/auth.go index eb4c462a222..1a3ed016cbe 100644 --- a/service/opsworkscm/auth.go +++ b/service/opsworkscm/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/opsworkscm/endpoints.go b/service/opsworkscm/endpoints.go index e000b6a0148..61a892d2440 100644 --- a/service/opsworkscm/endpoints.go +++ b/service/opsworkscm/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/opsworkscm/options.go b/service/opsworkscm/options.go index e70c2ac0ffb..31361f63b79 100644 --- a/service/opsworkscm/options.go +++ b/service/opsworkscm/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/organizations/api_client.go b/service/organizations/api_client.go index 2b38af470ff..aaf225b36b0 100644 --- a/service/organizations/api_client.go +++ b/service/organizations/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/organizations/auth.go b/service/organizations/auth.go index 3e8a26568c4..8b97167a1c8 100644 --- a/service/organizations/auth.go +++ b/service/organizations/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/organizations/endpoints.go b/service/organizations/endpoints.go index a60407a753c..9cb7e0897fe 100644 --- a/service/organizations/endpoints.go +++ b/service/organizations/endpoints.go @@ -610,7 +610,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -640,6 +640,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -649,7 +653,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/organizations/options.go b/service/organizations/options.go index ba05eb89a41..236971bc661 100644 --- a/service/organizations/options.go +++ b/service/organizations/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/osis/api_client.go b/service/osis/api_client.go index fc33b2be48f..847ac654c49 100644 --- a/service/osis/api_client.go +++ b/service/osis/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/osis/auth.go b/service/osis/auth.go index 15025142c33..a5da268d6ce 100644 --- a/service/osis/auth.go +++ b/service/osis/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/osis/endpoints.go b/service/osis/endpoints.go index 9f21c59c17f..eb6caefab88 100644 --- a/service/osis/endpoints.go +++ b/service/osis/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/osis/options.go b/service/osis/options.go index 467d937e6f0..5b33cf0e17d 100644 --- a/service/osis/options.go +++ b/service/osis/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/outposts/api_client.go b/service/outposts/api_client.go index 4eb96aeec7c..df0169f2082 100644 --- a/service/outposts/api_client.go +++ b/service/outposts/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/outposts/auth.go b/service/outposts/auth.go index 2cba6d3a70b..62b159ed66a 100644 --- a/service/outposts/auth.go +++ b/service/outposts/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/outposts/endpoints.go b/service/outposts/endpoints.go index 3d87302dc9c..8ae52560255 100644 --- a/service/outposts/endpoints.go +++ b/service/outposts/endpoints.go @@ -458,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,6 +488,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/outposts/options.go b/service/outposts/options.go index 5c4fa3244f0..7491e83c875 100644 --- a/service/outposts/options.go +++ b/service/outposts/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/panorama/api_client.go b/service/panorama/api_client.go index 857bfb1c2c0..eeaf713265a 100644 --- a/service/panorama/api_client.go +++ b/service/panorama/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/panorama/auth.go b/service/panorama/auth.go index 408dba51cdd..ffb56a4bc2f 100644 --- a/service/panorama/auth.go +++ b/service/panorama/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/panorama/endpoints.go b/service/panorama/endpoints.go index 3d248780660..a316ff3052c 100644 --- a/service/panorama/endpoints.go +++ b/service/panorama/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/panorama/options.go b/service/panorama/options.go index 7586bafeb49..18ab0018a7c 100644 --- a/service/panorama/options.go +++ b/service/panorama/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/paymentcryptography/api_client.go b/service/paymentcryptography/api_client.go index 3dbb67e916a..2da85b277c9 100644 --- a/service/paymentcryptography/api_client.go +++ b/service/paymentcryptography/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/paymentcryptography/auth.go b/service/paymentcryptography/auth.go index 9ff3271eb22..67059a8a043 100644 --- a/service/paymentcryptography/auth.go +++ b/service/paymentcryptography/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/paymentcryptography/endpoints.go b/service/paymentcryptography/endpoints.go index 5f44216663f..3af9af64764 100644 --- a/service/paymentcryptography/endpoints.go +++ b/service/paymentcryptography/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/paymentcryptography/options.go b/service/paymentcryptography/options.go index af359cb2b43..134ed49557e 100644 --- a/service/paymentcryptography/options.go +++ b/service/paymentcryptography/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/paymentcryptographydata/api_client.go b/service/paymentcryptographydata/api_client.go index 5241f23ee7e..075ca9ebe10 100644 --- a/service/paymentcryptographydata/api_client.go +++ b/service/paymentcryptographydata/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/paymentcryptographydata/auth.go b/service/paymentcryptographydata/auth.go index 750fa36ea67..2866111d9bf 100644 --- a/service/paymentcryptographydata/auth.go +++ b/service/paymentcryptographydata/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/paymentcryptographydata/endpoints.go b/service/paymentcryptographydata/endpoints.go index 9245cc59e8d..d7db32bdb44 100644 --- a/service/paymentcryptographydata/endpoints.go +++ b/service/paymentcryptographydata/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/paymentcryptographydata/options.go b/service/paymentcryptographydata/options.go index 3eda695222a..63d35477c9f 100644 --- a/service/paymentcryptographydata/options.go +++ b/service/paymentcryptographydata/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/pcaconnectorad/api_client.go b/service/pcaconnectorad/api_client.go index 94ab171e0a0..61bcdc3d388 100644 --- a/service/pcaconnectorad/api_client.go +++ b/service/pcaconnectorad/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/pcaconnectorad/auth.go b/service/pcaconnectorad/auth.go index b30abfba5ae..af7c985e318 100644 --- a/service/pcaconnectorad/auth.go +++ b/service/pcaconnectorad/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/pcaconnectorad/endpoints.go b/service/pcaconnectorad/endpoints.go index 8e87d64050b..0d32ddac519 100644 --- a/service/pcaconnectorad/endpoints.go +++ b/service/pcaconnectorad/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/pcaconnectorad/options.go b/service/pcaconnectorad/options.go index 083818f4014..e8fa0d1ce65 100644 --- a/service/pcaconnectorad/options.go +++ b/service/pcaconnectorad/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/personalize/api_client.go b/service/personalize/api_client.go index aba4b45a56f..705a7a5f373 100644 --- a/service/personalize/api_client.go +++ b/service/personalize/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/personalize/auth.go b/service/personalize/auth.go index 8ef02ff21d2..e9f40e7e9a6 100644 --- a/service/personalize/auth.go +++ b/service/personalize/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/personalize/endpoints.go b/service/personalize/endpoints.go index 2d3323230e1..139f1c44270 100644 --- a/service/personalize/endpoints.go +++ b/service/personalize/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/personalize/options.go b/service/personalize/options.go index 7ae259d20af..13bc2b5e6ce 100644 --- a/service/personalize/options.go +++ b/service/personalize/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/personalizeevents/api_client.go b/service/personalizeevents/api_client.go index d6db4f36812..510131bc6af 100644 --- a/service/personalizeevents/api_client.go +++ b/service/personalizeevents/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/personalizeevents/auth.go b/service/personalizeevents/auth.go index ed002654aba..54233e86197 100644 --- a/service/personalizeevents/auth.go +++ b/service/personalizeevents/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/personalizeevents/endpoints.go b/service/personalizeevents/endpoints.go index 0216545c14b..745e46afa64 100644 --- a/service/personalizeevents/endpoints.go +++ b/service/personalizeevents/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/personalizeevents/options.go b/service/personalizeevents/options.go index 55912cfdb51..0e647e11018 100644 --- a/service/personalizeevents/options.go +++ b/service/personalizeevents/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/personalizeruntime/api_client.go b/service/personalizeruntime/api_client.go index fee4e90dd44..20fb8b96464 100644 --- a/service/personalizeruntime/api_client.go +++ b/service/personalizeruntime/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/personalizeruntime/auth.go b/service/personalizeruntime/auth.go index 2471a19d0ec..9e1c7f6a53a 100644 --- a/service/personalizeruntime/auth.go +++ b/service/personalizeruntime/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/personalizeruntime/endpoints.go b/service/personalizeruntime/endpoints.go index 4eb89fe9345..51f531ca063 100644 --- a/service/personalizeruntime/endpoints.go +++ b/service/personalizeruntime/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/personalizeruntime/options.go b/service/personalizeruntime/options.go index 2151d25767a..cde4f0c5ffe 100644 --- a/service/personalizeruntime/options.go +++ b/service/personalizeruntime/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/pi/api_client.go b/service/pi/api_client.go index 9be04518dcd..a2c9598382d 100644 --- a/service/pi/api_client.go +++ b/service/pi/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/pi/auth.go b/service/pi/auth.go index e591b8ec95a..a867ad7cd99 100644 --- a/service/pi/auth.go +++ b/service/pi/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/pi/endpoints.go b/service/pi/endpoints.go index 75a57d1cd7a..c5ffc3e1c69 100644 --- a/service/pi/endpoints.go +++ b/service/pi/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/pi/options.go b/service/pi/options.go index 45e4e44cfc3..146a5cbc5b4 100644 --- a/service/pi/options.go +++ b/service/pi/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/pinpoint/api_client.go b/service/pinpoint/api_client.go index 8b9d2324a1c..e871aa26c19 100644 --- a/service/pinpoint/api_client.go +++ b/service/pinpoint/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/pinpoint/auth.go b/service/pinpoint/auth.go index 0a48a980aa8..f3e3cebe31c 100644 --- a/service/pinpoint/auth.go +++ b/service/pinpoint/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/pinpoint/endpoints.go b/service/pinpoint/endpoints.go index a3852da6ead..9634fbd81ee 100644 --- a/service/pinpoint/endpoints.go +++ b/service/pinpoint/endpoints.go @@ -516,7 +516,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -546,6 +546,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -555,7 +559,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/pinpoint/options.go b/service/pinpoint/options.go index 8637dc98f5e..4ef2340998b 100644 --- a/service/pinpoint/options.go +++ b/service/pinpoint/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/pinpointemail/api_client.go b/service/pinpointemail/api_client.go index 4f40eaa3cf2..3b46b27a7bd 100644 --- a/service/pinpointemail/api_client.go +++ b/service/pinpointemail/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/pinpointemail/auth.go b/service/pinpointemail/auth.go index 2a4d0ab93ce..1d72565d1de 100644 --- a/service/pinpointemail/auth.go +++ b/service/pinpointemail/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/pinpointemail/endpoints.go b/service/pinpointemail/endpoints.go index ee2e52641f3..e1b855ddf09 100644 --- a/service/pinpointemail/endpoints.go +++ b/service/pinpointemail/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/pinpointemail/options.go b/service/pinpointemail/options.go index a6031918084..4ce81dea383 100644 --- a/service/pinpointemail/options.go +++ b/service/pinpointemail/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/pinpointsmsvoice/api_client.go b/service/pinpointsmsvoice/api_client.go index 10c941de73d..1a503ceb5c3 100644 --- a/service/pinpointsmsvoice/api_client.go +++ b/service/pinpointsmsvoice/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/pinpointsmsvoice/auth.go b/service/pinpointsmsvoice/auth.go index 4b0847e23e0..68cd75db373 100644 --- a/service/pinpointsmsvoice/auth.go +++ b/service/pinpointsmsvoice/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/pinpointsmsvoice/endpoints.go b/service/pinpointsmsvoice/endpoints.go index ff94c4d51a0..cda95e6b8d6 100644 --- a/service/pinpointsmsvoice/endpoints.go +++ b/service/pinpointsmsvoice/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/pinpointsmsvoice/options.go b/service/pinpointsmsvoice/options.go index a0f22871ffa..8b0566f97e7 100644 --- a/service/pinpointsmsvoice/options.go +++ b/service/pinpointsmsvoice/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/pinpointsmsvoicev2/api_client.go b/service/pinpointsmsvoicev2/api_client.go index 123dab90690..95512a5ebe1 100644 --- a/service/pinpointsmsvoicev2/api_client.go +++ b/service/pinpointsmsvoicev2/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/pinpointsmsvoicev2/auth.go b/service/pinpointsmsvoicev2/auth.go index c5d979e30c8..7789ba62d77 100644 --- a/service/pinpointsmsvoicev2/auth.go +++ b/service/pinpointsmsvoicev2/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/pinpointsmsvoicev2/endpoints.go b/service/pinpointsmsvoicev2/endpoints.go index b2fd8232da9..4da82dda7e1 100644 --- a/service/pinpointsmsvoicev2/endpoints.go +++ b/service/pinpointsmsvoicev2/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/pinpointsmsvoicev2/options.go b/service/pinpointsmsvoicev2/options.go index 48eb5cd75c2..56437f597b2 100644 --- a/service/pinpointsmsvoicev2/options.go +++ b/service/pinpointsmsvoicev2/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/pipes/api_client.go b/service/pipes/api_client.go index c9e2b00ac33..d7765a5eb3e 100644 --- a/service/pipes/api_client.go +++ b/service/pipes/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/pipes/auth.go b/service/pipes/auth.go index 15a361df493..65bcc51a644 100644 --- a/service/pipes/auth.go +++ b/service/pipes/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/pipes/endpoints.go b/service/pipes/endpoints.go index 0e2dcb747f6..61594a6efdf 100644 --- a/service/pipes/endpoints.go +++ b/service/pipes/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/pipes/options.go b/service/pipes/options.go index f3d862a64b0..6faddb187c1 100644 --- a/service/pipes/options.go +++ b/service/pipes/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/polly/api_client.go b/service/polly/api_client.go index f86584d8794..b48fb763175 100644 --- a/service/polly/api_client.go +++ b/service/polly/api_client.go @@ -18,6 +18,7 @@ import ( acceptencodingcust "github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding" presignedurlcust "github.com/aws/aws-sdk-go-v2/service/internal/presigned-url" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -232,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -431,6 +433,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/polly/auth.go b/service/polly/auth.go index ec4a0e8f072..e236194b3b6 100644 --- a/service/polly/auth.go +++ b/service/polly/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/polly/endpoints.go b/service/polly/endpoints.go index 60f48afbff6..1f5d294d082 100644 --- a/service/polly/endpoints.go +++ b/service/polly/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/polly/options.go b/service/polly/options.go index 0941ae37fe2..ae409fceaeb 100644 --- a/service/polly/options.go +++ b/service/polly/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/pricing/api_client.go b/service/pricing/api_client.go index 3185fe07dbd..75d018e9b09 100644 --- a/service/pricing/api_client.go +++ b/service/pricing/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/pricing/auth.go b/service/pricing/auth.go index dcc7845c983..bc59065f79f 100644 --- a/service/pricing/auth.go +++ b/service/pricing/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/pricing/endpoints.go b/service/pricing/endpoints.go index 19240dd1b67..6177774c09d 100644 --- a/service/pricing/endpoints.go +++ b/service/pricing/endpoints.go @@ -458,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,6 +488,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/pricing/options.go b/service/pricing/options.go index 75cf87de816..930fe8a927e 100644 --- a/service/pricing/options.go +++ b/service/pricing/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/privatenetworks/api_client.go b/service/privatenetworks/api_client.go index a3ea5b4b90a..749e7be8c09 100644 --- a/service/privatenetworks/api_client.go +++ b/service/privatenetworks/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/privatenetworks/auth.go b/service/privatenetworks/auth.go index 3fad0959e16..4363920f293 100644 --- a/service/privatenetworks/auth.go +++ b/service/privatenetworks/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/privatenetworks/endpoints.go b/service/privatenetworks/endpoints.go index f1ce79453b0..06a45bde1a3 100644 --- a/service/privatenetworks/endpoints.go +++ b/service/privatenetworks/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/privatenetworks/options.go b/service/privatenetworks/options.go index e48aa49665e..782cc5bd55a 100644 --- a/service/privatenetworks/options.go +++ b/service/privatenetworks/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/proton/api_client.go b/service/proton/api_client.go index 437c082b320..23d3e7f8de3 100644 --- a/service/proton/api_client.go +++ b/service/proton/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/proton/auth.go b/service/proton/auth.go index 1bde7428634..ab6b77aee8c 100644 --- a/service/proton/auth.go +++ b/service/proton/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/proton/endpoints.go b/service/proton/endpoints.go index f626b182268..d7677b1fd50 100644 --- a/service/proton/endpoints.go +++ b/service/proton/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/proton/options.go b/service/proton/options.go index 58fa104099b..717aca955d2 100644 --- a/service/proton/options.go +++ b/service/proton/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/qbusiness/api_client.go b/service/qbusiness/api_client.go index a949e8d47b9..32168a75d9c 100644 --- a/service/qbusiness/api_client.go +++ b/service/qbusiness/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/qbusiness/auth.go b/service/qbusiness/auth.go index 487dc2392d2..6159b335e6a 100644 --- a/service/qbusiness/auth.go +++ b/service/qbusiness/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/qbusiness/endpoints.go b/service/qbusiness/endpoints.go index eb3d36d677b..7899de120b7 100644 --- a/service/qbusiness/endpoints.go +++ b/service/qbusiness/endpoints.go @@ -411,7 +411,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -440,6 +440,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -449,7 +453,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/qbusiness/options.go b/service/qbusiness/options.go index 963714ee904..f34041b8713 100644 --- a/service/qbusiness/options.go +++ b/service/qbusiness/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/qconnect/api_client.go b/service/qconnect/api_client.go index 824271643ae..3115a4e3813 100644 --- a/service/qconnect/api_client.go +++ b/service/qconnect/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/qconnect/auth.go b/service/qconnect/auth.go index 34142319821..02fbfa2a828 100644 --- a/service/qconnect/auth.go +++ b/service/qconnect/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/qconnect/endpoints.go b/service/qconnect/endpoints.go index 8a6efd31f04..231499ef962 100644 --- a/service/qconnect/endpoints.go +++ b/service/qconnect/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/qconnect/options.go b/service/qconnect/options.go index 42c2b4fba85..b8c0fb89e0f 100644 --- a/service/qconnect/options.go +++ b/service/qconnect/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/qldb/api_client.go b/service/qldb/api_client.go index 5207dc64109..d2ec2e83cbd 100644 --- a/service/qldb/api_client.go +++ b/service/qldb/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/qldb/auth.go b/service/qldb/auth.go index eb1a484cd8c..35c656e58b0 100644 --- a/service/qldb/auth.go +++ b/service/qldb/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/qldb/endpoints.go b/service/qldb/endpoints.go index 9a9545a41c3..54833ca5d9f 100644 --- a/service/qldb/endpoints.go +++ b/service/qldb/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/qldb/options.go b/service/qldb/options.go index 28bc949451c..53f7a1b72a1 100644 --- a/service/qldb/options.go +++ b/service/qldb/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/qldbsession/api_client.go b/service/qldbsession/api_client.go index 7338fe6362e..1f5b14c458a 100644 --- a/service/qldbsession/api_client.go +++ b/service/qldbsession/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/qldbsession/auth.go b/service/qldbsession/auth.go index 051dc62b032..35139b076c8 100644 --- a/service/qldbsession/auth.go +++ b/service/qldbsession/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/qldbsession/endpoints.go b/service/qldbsession/endpoints.go index 14d4440a07b..5eacc2f2677 100644 --- a/service/qldbsession/endpoints.go +++ b/service/qldbsession/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/qldbsession/options.go b/service/qldbsession/options.go index b79b15fb87f..120d7b5919b 100644 --- a/service/qldbsession/options.go +++ b/service/qldbsession/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/quicksight/api_client.go b/service/quicksight/api_client.go index 6cfb1f2a856..f4ec90a5ab1 100644 --- a/service/quicksight/api_client.go +++ b/service/quicksight/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/quicksight/auth.go b/service/quicksight/auth.go index 3bbeeff2507..70edd0b6c42 100644 --- a/service/quicksight/auth.go +++ b/service/quicksight/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/quicksight/endpoints.go b/service/quicksight/endpoints.go index 0726df91f51..3349c6781c8 100644 --- a/service/quicksight/endpoints.go +++ b/service/quicksight/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/quicksight/options.go b/service/quicksight/options.go index bef20fecb97..2b6e99feab1 100644 --- a/service/quicksight/options.go +++ b/service/quicksight/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ram/api_client.go b/service/ram/api_client.go index c93034433b8..602b7300760 100644 --- a/service/ram/api_client.go +++ b/service/ram/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/ram/auth.go b/service/ram/auth.go index 819418af550..522d1fbfdc3 100644 --- a/service/ram/auth.go +++ b/service/ram/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ram/endpoints.go b/service/ram/endpoints.go index 7ea4a9230e1..1bd4f543d24 100644 --- a/service/ram/endpoints.go +++ b/service/ram/endpoints.go @@ -458,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,6 +488,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ram/options.go b/service/ram/options.go index 53cb5ed0457..e1c3960926f 100644 --- a/service/ram/options.go +++ b/service/ram/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/rbin/api_client.go b/service/rbin/api_client.go index ff3b4f9f84e..957f7729275 100644 --- a/service/rbin/api_client.go +++ b/service/rbin/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/rbin/auth.go b/service/rbin/auth.go index 3c4c5d002c1..fdb85a71688 100644 --- a/service/rbin/auth.go +++ b/service/rbin/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/rbin/endpoints.go b/service/rbin/endpoints.go index 98899eb1d78..86d9e974418 100644 --- a/service/rbin/endpoints.go +++ b/service/rbin/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/rbin/options.go b/service/rbin/options.go index 8ab81fcf059..64ae7cbf2a2 100644 --- a/service/rbin/options.go +++ b/service/rbin/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/rds/api_client.go b/service/rds/api_client.go index 55dd540d55f..0dbf7572122 100644 --- a/service/rds/api_client.go +++ b/service/rds/api_client.go @@ -18,6 +18,7 @@ import ( acceptencodingcust "github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding" presignedurlcust "github.com/aws/aws-sdk-go-v2/service/internal/presigned-url" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -432,6 +434,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/rds/auth.go b/service/rds/auth.go index 4c1ad1ee8c5..0fcfedf1209 100644 --- a/service/rds/auth.go +++ b/service/rds/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/rds/endpoints.go b/service/rds/endpoints.go index 57d8f837382..584028f9b11 100644 --- a/service/rds/endpoints.go +++ b/service/rds/endpoints.go @@ -458,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,6 +488,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/rds/options.go b/service/rds/options.go index f7d3a50892d..6c182b208cf 100644 --- a/service/rds/options.go +++ b/service/rds/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/rdsdata/api_client.go b/service/rdsdata/api_client.go index 50e49aa2645..17c6e045dbe 100644 --- a/service/rdsdata/api_client.go +++ b/service/rdsdata/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/rdsdata/auth.go b/service/rdsdata/auth.go index 25e8d40014b..f39deaa0b8b 100644 --- a/service/rdsdata/auth.go +++ b/service/rdsdata/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/rdsdata/endpoints.go b/service/rdsdata/endpoints.go index b8c5ae9530e..f88f31c4233 100644 --- a/service/rdsdata/endpoints.go +++ b/service/rdsdata/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/rdsdata/options.go b/service/rdsdata/options.go index 3d459c5681a..7abdd6782f3 100644 --- a/service/rdsdata/options.go +++ b/service/rdsdata/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/redshift/api_client.go b/service/redshift/api_client.go index 09c9f3c9c08..10f26ac6d3a 100644 --- a/service/redshift/api_client.go +++ b/service/redshift/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/redshift/auth.go b/service/redshift/auth.go index 3e704fde790..670b5bad992 100644 --- a/service/redshift/auth.go +++ b/service/redshift/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/redshift/endpoints.go b/service/redshift/endpoints.go index 101b963a813..e1fb4b0b392 100644 --- a/service/redshift/endpoints.go +++ b/service/redshift/endpoints.go @@ -458,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,6 +488,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/redshift/options.go b/service/redshift/options.go index 1131fd4e7ff..85b870afc23 100644 --- a/service/redshift/options.go +++ b/service/redshift/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/redshiftdata/api_client.go b/service/redshiftdata/api_client.go index 945d89a5e2b..90c63a0289a 100644 --- a/service/redshiftdata/api_client.go +++ b/service/redshiftdata/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/redshiftdata/auth.go b/service/redshiftdata/auth.go index 3d8523b426c..d57c4f51073 100644 --- a/service/redshiftdata/auth.go +++ b/service/redshiftdata/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/redshiftdata/endpoints.go b/service/redshiftdata/endpoints.go index 8c5b1013212..144fa87dccd 100644 --- a/service/redshiftdata/endpoints.go +++ b/service/redshiftdata/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/redshiftdata/options.go b/service/redshiftdata/options.go index 75274d1da99..fc3f22dd52d 100644 --- a/service/redshiftdata/options.go +++ b/service/redshiftdata/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/redshiftserverless/api_client.go b/service/redshiftserverless/api_client.go index 29267f3a8b1..2e025bb2ef7 100644 --- a/service/redshiftserverless/api_client.go +++ b/service/redshiftserverless/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/redshiftserverless/auth.go b/service/redshiftserverless/auth.go index 9954df495ea..90110bee168 100644 --- a/service/redshiftserverless/auth.go +++ b/service/redshiftserverless/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/redshiftserverless/endpoints.go b/service/redshiftserverless/endpoints.go index 8f48b3824f9..c8eaac48c31 100644 --- a/service/redshiftserverless/endpoints.go +++ b/service/redshiftserverless/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/redshiftserverless/options.go b/service/redshiftserverless/options.go index 3037bef5056..bc84ef4c56f 100644 --- a/service/redshiftserverless/options.go +++ b/service/redshiftserverless/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/rekognition/api_client.go b/service/rekognition/api_client.go index 07aa39ac796..8f022889f1f 100644 --- a/service/rekognition/api_client.go +++ b/service/rekognition/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/rekognition/auth.go b/service/rekognition/auth.go index 31124e531a1..b920aabbefc 100644 --- a/service/rekognition/auth.go +++ b/service/rekognition/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/rekognition/endpoints.go b/service/rekognition/endpoints.go index 40058c8a536..8d4ef4abb92 100644 --- a/service/rekognition/endpoints.go +++ b/service/rekognition/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/rekognition/options.go b/service/rekognition/options.go index 98ebd9c8f26..cb398c3828a 100644 --- a/service/rekognition/options.go +++ b/service/rekognition/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/repostspace/api_client.go b/service/repostspace/api_client.go index f90bf60f41f..b9ab35fb9d6 100644 --- a/service/repostspace/api_client.go +++ b/service/repostspace/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/repostspace/auth.go b/service/repostspace/auth.go index 9660a59141c..24a6bab9986 100644 --- a/service/repostspace/auth.go +++ b/service/repostspace/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/repostspace/endpoints.go b/service/repostspace/endpoints.go index c25dabc510e..a9d80439bb6 100644 --- a/service/repostspace/endpoints.go +++ b/service/repostspace/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/repostspace/options.go b/service/repostspace/options.go index 0370fd9d196..5edacad6a32 100644 --- a/service/repostspace/options.go +++ b/service/repostspace/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/resiliencehub/api_client.go b/service/resiliencehub/api_client.go index 4717d710047..83341b34f54 100644 --- a/service/resiliencehub/api_client.go +++ b/service/resiliencehub/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/resiliencehub/auth.go b/service/resiliencehub/auth.go index 70128c734f3..a9d8f6544d3 100644 --- a/service/resiliencehub/auth.go +++ b/service/resiliencehub/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/resiliencehub/endpoints.go b/service/resiliencehub/endpoints.go index 585831e6b20..a23ce89d655 100644 --- a/service/resiliencehub/endpoints.go +++ b/service/resiliencehub/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/resiliencehub/options.go b/service/resiliencehub/options.go index 0f88fcee0b4..9f1e176dcb4 100644 --- a/service/resiliencehub/options.go +++ b/service/resiliencehub/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/resourceexplorer2/api_client.go b/service/resourceexplorer2/api_client.go index 1bcf778b426..056d3388c0b 100644 --- a/service/resourceexplorer2/api_client.go +++ b/service/resourceexplorer2/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/resourceexplorer2/auth.go b/service/resourceexplorer2/auth.go index 0444437656d..51aa8c2f848 100644 --- a/service/resourceexplorer2/auth.go +++ b/service/resourceexplorer2/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/resourceexplorer2/endpoints.go b/service/resourceexplorer2/endpoints.go index da20bbf70f5..d2d0ba6b46c 100644 --- a/service/resourceexplorer2/endpoints.go +++ b/service/resourceexplorer2/endpoints.go @@ -411,7 +411,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -440,6 +440,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -449,7 +453,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/resourceexplorer2/options.go b/service/resourceexplorer2/options.go index a5bab79f58d..53353bab462 100644 --- a/service/resourceexplorer2/options.go +++ b/service/resourceexplorer2/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/resourcegroups/api_client.go b/service/resourcegroups/api_client.go index 481293664ec..b5d57481ac5 100644 --- a/service/resourcegroups/api_client.go +++ b/service/resourcegroups/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/resourcegroups/auth.go b/service/resourcegroups/auth.go index d769c10e82a..d96ad46486b 100644 --- a/service/resourcegroups/auth.go +++ b/service/resourcegroups/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/resourcegroups/endpoints.go b/service/resourcegroups/endpoints.go index a14bcd9f9d1..631f5687291 100644 --- a/service/resourcegroups/endpoints.go +++ b/service/resourcegroups/endpoints.go @@ -458,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,6 +488,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/resourcegroups/options.go b/service/resourcegroups/options.go index c941e8dd7f8..27d91d3f046 100644 --- a/service/resourcegroups/options.go +++ b/service/resourcegroups/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/resourcegroupstaggingapi/api_client.go b/service/resourcegroupstaggingapi/api_client.go index 6f8349a91c0..ab5db576efc 100644 --- a/service/resourcegroupstaggingapi/api_client.go +++ b/service/resourcegroupstaggingapi/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/resourcegroupstaggingapi/auth.go b/service/resourcegroupstaggingapi/auth.go index a858c9c565c..d3bb5bf3285 100644 --- a/service/resourcegroupstaggingapi/auth.go +++ b/service/resourcegroupstaggingapi/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/resourcegroupstaggingapi/endpoints.go b/service/resourcegroupstaggingapi/endpoints.go index b91b084c9bb..5d4b0c6e3e8 100644 --- a/service/resourcegroupstaggingapi/endpoints.go +++ b/service/resourcegroupstaggingapi/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/resourcegroupstaggingapi/options.go b/service/resourcegroupstaggingapi/options.go index 247ed084c7c..5c43d717eb2 100644 --- a/service/resourcegroupstaggingapi/options.go +++ b/service/resourcegroupstaggingapi/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/robomaker/api_client.go b/service/robomaker/api_client.go index 2371a8790e0..b46e6a34bb8 100644 --- a/service/robomaker/api_client.go +++ b/service/robomaker/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/robomaker/auth.go b/service/robomaker/auth.go index b12a0f982bb..b8440c37ace 100644 --- a/service/robomaker/auth.go +++ b/service/robomaker/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/robomaker/endpoints.go b/service/robomaker/endpoints.go index 6de26356d85..4ab2ddd37d5 100644 --- a/service/robomaker/endpoints.go +++ b/service/robomaker/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/robomaker/options.go b/service/robomaker/options.go index 929dc42ba7b..fe12998852f 100644 --- a/service/robomaker/options.go +++ b/service/robomaker/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/rolesanywhere/api_client.go b/service/rolesanywhere/api_client.go index afc78e0d1cd..256bf31fc5a 100644 --- a/service/rolesanywhere/api_client.go +++ b/service/rolesanywhere/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/rolesanywhere/auth.go b/service/rolesanywhere/auth.go index dad98f4e241..ef32181ab46 100644 --- a/service/rolesanywhere/auth.go +++ b/service/rolesanywhere/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/rolesanywhere/endpoints.go b/service/rolesanywhere/endpoints.go index 6478bb68ed2..f110d0c1e65 100644 --- a/service/rolesanywhere/endpoints.go +++ b/service/rolesanywhere/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/rolesanywhere/options.go b/service/rolesanywhere/options.go index d7e99288833..4c65840a665 100644 --- a/service/rolesanywhere/options.go +++ b/service/rolesanywhere/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/route53/api_client.go b/service/route53/api_client.go index c12337dedf6..4cee42ebf8e 100644 --- a/service/route53/api_client.go +++ b/service/route53/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" route53cust "github.com/aws/aws-sdk-go-v2/service/route53/internal/customizations" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -231,15 +232,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -430,6 +432,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/route53/auth.go b/service/route53/auth.go index 5e979833419..6eac2449603 100644 --- a/service/route53/auth.go +++ b/service/route53/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/route53/endpoints.go b/service/route53/endpoints.go index a2ef865a644..b0b2e9d41c2 100644 --- a/service/route53/endpoints.go +++ b/service/route53/endpoints.go @@ -746,7 +746,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -776,6 +776,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -785,7 +789,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/route53/options.go b/service/route53/options.go index 98b428f625c..c2220d60502 100644 --- a/service/route53/options.go +++ b/service/route53/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/route53domains/api_client.go b/service/route53domains/api_client.go index 72a5fa25f78..365836793b2 100644 --- a/service/route53domains/api_client.go +++ b/service/route53domains/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/route53domains/auth.go b/service/route53domains/auth.go index 51085fdccd6..5d1fde450ee 100644 --- a/service/route53domains/auth.go +++ b/service/route53domains/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/route53domains/endpoints.go b/service/route53domains/endpoints.go index 460616063b4..ff2bb82ce34 100644 --- a/service/route53domains/endpoints.go +++ b/service/route53domains/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/route53domains/options.go b/service/route53domains/options.go index a80c0cce1f4..392787ba7d2 100644 --- a/service/route53domains/options.go +++ b/service/route53domains/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/route53recoverycluster/api_client.go b/service/route53recoverycluster/api_client.go index b38e349ab56..7a3d72e59a3 100644 --- a/service/route53recoverycluster/api_client.go +++ b/service/route53recoverycluster/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/route53recoverycluster/auth.go b/service/route53recoverycluster/auth.go index 0bf77bf7bb3..7398c671b92 100644 --- a/service/route53recoverycluster/auth.go +++ b/service/route53recoverycluster/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/route53recoverycluster/endpoints.go b/service/route53recoverycluster/endpoints.go index 74dd38eea35..9188faa0e6e 100644 --- a/service/route53recoverycluster/endpoints.go +++ b/service/route53recoverycluster/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/route53recoverycluster/options.go b/service/route53recoverycluster/options.go index dbb94a43fca..24702c1c3f8 100644 --- a/service/route53recoverycluster/options.go +++ b/service/route53recoverycluster/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/route53recoverycontrolconfig/api_client.go b/service/route53recoverycontrolconfig/api_client.go index 512d34923c9..4b2a7d9051f 100644 --- a/service/route53recoverycontrolconfig/api_client.go +++ b/service/route53recoverycontrolconfig/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/route53recoverycontrolconfig/auth.go b/service/route53recoverycontrolconfig/auth.go index 78f797148e4..54f3aa53efa 100644 --- a/service/route53recoverycontrolconfig/auth.go +++ b/service/route53recoverycontrolconfig/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/route53recoverycontrolconfig/endpoints.go b/service/route53recoverycontrolconfig/endpoints.go index 2c38462bba4..1295254f399 100644 --- a/service/route53recoverycontrolconfig/endpoints.go +++ b/service/route53recoverycontrolconfig/endpoints.go @@ -470,7 +470,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -500,6 +500,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -509,7 +513,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/route53recoverycontrolconfig/options.go b/service/route53recoverycontrolconfig/options.go index 91ab9e43013..6fbe0a80c4d 100644 --- a/service/route53recoverycontrolconfig/options.go +++ b/service/route53recoverycontrolconfig/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/route53recoveryreadiness/api_client.go b/service/route53recoveryreadiness/api_client.go index b6b83463212..f8c66651f8a 100644 --- a/service/route53recoveryreadiness/api_client.go +++ b/service/route53recoveryreadiness/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/route53recoveryreadiness/auth.go b/service/route53recoveryreadiness/auth.go index b2f574252b9..1395038f9ee 100644 --- a/service/route53recoveryreadiness/auth.go +++ b/service/route53recoveryreadiness/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/route53recoveryreadiness/endpoints.go b/service/route53recoveryreadiness/endpoints.go index bf40d332253..ef0beec0578 100644 --- a/service/route53recoveryreadiness/endpoints.go +++ b/service/route53recoveryreadiness/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/route53recoveryreadiness/options.go b/service/route53recoveryreadiness/options.go index 6c7b56f881b..3150b310c98 100644 --- a/service/route53recoveryreadiness/options.go +++ b/service/route53recoveryreadiness/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/route53resolver/api_client.go b/service/route53resolver/api_client.go index 3c2bb21077c..6df35641147 100644 --- a/service/route53resolver/api_client.go +++ b/service/route53resolver/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/route53resolver/auth.go b/service/route53resolver/auth.go index b3fd292116d..65367977fe9 100644 --- a/service/route53resolver/auth.go +++ b/service/route53resolver/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/route53resolver/endpoints.go b/service/route53resolver/endpoints.go index 5681279e1de..2bfb6f59812 100644 --- a/service/route53resolver/endpoints.go +++ b/service/route53resolver/endpoints.go @@ -465,7 +465,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -495,6 +495,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -504,7 +508,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/route53resolver/options.go b/service/route53resolver/options.go index 3b99e8080c6..12c3a590245 100644 --- a/service/route53resolver/options.go +++ b/service/route53resolver/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/rum/api_client.go b/service/rum/api_client.go index 03528c761a3..c1f2bda6896 100644 --- a/service/rum/api_client.go +++ b/service/rum/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/rum/auth.go b/service/rum/auth.go index e0e89deba63..1e7b20ef62e 100644 --- a/service/rum/auth.go +++ b/service/rum/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/rum/endpoints.go b/service/rum/endpoints.go index d7c21fb025a..810e752e5ed 100644 --- a/service/rum/endpoints.go +++ b/service/rum/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/rum/options.go b/service/rum/options.go index 707f7f1ad3f..ae251b660f2 100644 --- a/service/rum/options.go +++ b/service/rum/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/s3/api_client.go b/service/s3/api_client.go index db35814d356..49ac60665ef 100644 --- a/service/s3/api_client.go +++ b/service/s3/api_client.go @@ -22,6 +22,7 @@ import ( s3sharedconfig "github.com/aws/aws-sdk-go-v2/service/internal/s3shared/config" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -259,15 +260,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + type httpSignerV4a interface { SignHTTP(ctx context.Context, credentials v4a.Credentials, r *http.Request, payloadHash, service string, regionSet []string, signingTime time.Time, @@ -512,6 +526,25 @@ func newDefaultV4aSigner(o Options) *v4a.Signer { }) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addMetadataRetrieverMiddleware(stack *middleware.Stack) error { return s3shared.AddMetadataRetrieverMiddleware(stack) } diff --git a/service/s3/auth.go b/service/s3/auth.go index 6ef631bd380..3a7bc64afe2 100644 --- a/service/s3/auth.go +++ b/service/s3/auth.go @@ -12,12 +12,12 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } -func bindAuthEndpointParams(params *AuthResolverParameters, input interface{}, options Options) { - params.endpointParams = bindEndpointParams(input, options) +func bindAuthEndpointParams(ctx context.Context, params *AuthResolverParameters, input interface{}, options Options) { + params.endpointParams = bindEndpointParams(ctx, input, options) } type setLegacyContextSigningOptionsMiddleware struct { @@ -98,13 +98,13 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthEndpointParams(params, input, options) - bindAuthParamsRegion(params, input, options) + bindAuthEndpointParams(ctx, params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -179,7 +179,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/s3/endpoints.go b/service/s3/endpoints.go index a1f2e36d63a..aa043eb93c1 100644 --- a/service/s3/endpoints.go +++ b/service/s3/endpoints.go @@ -5665,7 +5665,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -5701,6 +5701,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -5710,7 +5714,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/s3/options.go b/service/s3/options.go index 064bcefb4fd..5d15af5b0e3 100644 --- a/service/s3/options.go +++ b/service/s3/options.go @@ -27,6 +27,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/s3control/api_client.go b/service/s3control/api_client.go index 58b298312e3..975dcbab1e2 100644 --- a/service/s3control/api_client.go +++ b/service/s3control/api_client.go @@ -18,6 +18,7 @@ import ( "github.com/aws/aws-sdk-go-v2/service/internal/s3shared" s3sharedconfig "github.com/aws/aws-sdk-go-v2/service/internal/s3shared/config" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -235,15 +236,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -457,6 +459,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/s3control/auth.go b/service/s3control/auth.go index 4ebc2326ddc..7f6032c4d62 100644 --- a/service/s3control/auth.go +++ b/service/s3control/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/s3control/endpoints.go b/service/s3control/endpoints.go index 973121712f7..6d8f829ef19 100644 --- a/service/s3control/endpoints.go +++ b/service/s3control/endpoints.go @@ -1893,7 +1893,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -1924,6 +1924,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -1933,7 +1937,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/s3control/options.go b/service/s3control/options.go index a27e36c85e4..e7dd3a50a68 100644 --- a/service/s3control/options.go +++ b/service/s3control/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/s3outposts/api_client.go b/service/s3outposts/api_client.go index b0210afa4b7..5ea1d6f742f 100644 --- a/service/s3outposts/api_client.go +++ b/service/s3outposts/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/s3outposts/auth.go b/service/s3outposts/auth.go index 0c4514c575b..d53c634363f 100644 --- a/service/s3outposts/auth.go +++ b/service/s3outposts/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/s3outposts/endpoints.go b/service/s3outposts/endpoints.go index 0553535aecc..51f73984ca5 100644 --- a/service/s3outposts/endpoints.go +++ b/service/s3outposts/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/s3outposts/options.go b/service/s3outposts/options.go index 329de7d3ebb..cbcbd49ce5a 100644 --- a/service/s3outposts/options.go +++ b/service/s3outposts/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/sagemaker/api_client.go b/service/sagemaker/api_client.go index c6c441c2f07..207fc4bb692 100644 --- a/service/sagemaker/api_client.go +++ b/service/sagemaker/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/sagemaker/auth.go b/service/sagemaker/auth.go index e7150ad0cd5..ecefa37725d 100644 --- a/service/sagemaker/auth.go +++ b/service/sagemaker/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/sagemaker/endpoints.go b/service/sagemaker/endpoints.go index bb6d7c0141c..52c04deca2f 100644 --- a/service/sagemaker/endpoints.go +++ b/service/sagemaker/endpoints.go @@ -477,7 +477,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -507,6 +507,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -516,7 +520,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/sagemaker/options.go b/service/sagemaker/options.go index f34cfbc1e73..63418b2bd46 100644 --- a/service/sagemaker/options.go +++ b/service/sagemaker/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/sagemakera2iruntime/api_client.go b/service/sagemakera2iruntime/api_client.go index dbd9f06bd49..86bb24c81a5 100644 --- a/service/sagemakera2iruntime/api_client.go +++ b/service/sagemakera2iruntime/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/sagemakera2iruntime/auth.go b/service/sagemakera2iruntime/auth.go index fec11b17c5e..e3f7d12f225 100644 --- a/service/sagemakera2iruntime/auth.go +++ b/service/sagemakera2iruntime/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/sagemakera2iruntime/endpoints.go b/service/sagemakera2iruntime/endpoints.go index 629cc683a74..7ac11b65ecc 100644 --- a/service/sagemakera2iruntime/endpoints.go +++ b/service/sagemakera2iruntime/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/sagemakera2iruntime/options.go b/service/sagemakera2iruntime/options.go index 99b41f4717e..50f0b334ea9 100644 --- a/service/sagemakera2iruntime/options.go +++ b/service/sagemakera2iruntime/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/sagemakeredge/api_client.go b/service/sagemakeredge/api_client.go index 53d9a9ae983..7e491c24c0b 100644 --- a/service/sagemakeredge/api_client.go +++ b/service/sagemakeredge/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/sagemakeredge/auth.go b/service/sagemakeredge/auth.go index 9c4e8e7e115..325a50dc403 100644 --- a/service/sagemakeredge/auth.go +++ b/service/sagemakeredge/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/sagemakeredge/endpoints.go b/service/sagemakeredge/endpoints.go index 3d2aa5c1826..8ccffeaa5d7 100644 --- a/service/sagemakeredge/endpoints.go +++ b/service/sagemakeredge/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/sagemakeredge/options.go b/service/sagemakeredge/options.go index 91509de4fe0..62f6656347d 100644 --- a/service/sagemakeredge/options.go +++ b/service/sagemakeredge/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/sagemakerfeaturestoreruntime/api_client.go b/service/sagemakerfeaturestoreruntime/api_client.go index ad3781ce93b..ba742f81e67 100644 --- a/service/sagemakerfeaturestoreruntime/api_client.go +++ b/service/sagemakerfeaturestoreruntime/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/sagemakerfeaturestoreruntime/auth.go b/service/sagemakerfeaturestoreruntime/auth.go index 54e82e81895..97fa75d690d 100644 --- a/service/sagemakerfeaturestoreruntime/auth.go +++ b/service/sagemakerfeaturestoreruntime/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/sagemakerfeaturestoreruntime/endpoints.go b/service/sagemakerfeaturestoreruntime/endpoints.go index d0ec1a7a46e..34dfd0c3ba1 100644 --- a/service/sagemakerfeaturestoreruntime/endpoints.go +++ b/service/sagemakerfeaturestoreruntime/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/sagemakerfeaturestoreruntime/options.go b/service/sagemakerfeaturestoreruntime/options.go index 504b6807183..282e12032f3 100644 --- a/service/sagemakerfeaturestoreruntime/options.go +++ b/service/sagemakerfeaturestoreruntime/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/sagemakergeospatial/api_client.go b/service/sagemakergeospatial/api_client.go index b094ba823cb..9fa508e6381 100644 --- a/service/sagemakergeospatial/api_client.go +++ b/service/sagemakergeospatial/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/sagemakergeospatial/auth.go b/service/sagemakergeospatial/auth.go index 331ff4b0d6d..72f8e69b06a 100644 --- a/service/sagemakergeospatial/auth.go +++ b/service/sagemakergeospatial/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/sagemakergeospatial/endpoints.go b/service/sagemakergeospatial/endpoints.go index 04f189f4408..01cf9add5ac 100644 --- a/service/sagemakergeospatial/endpoints.go +++ b/service/sagemakergeospatial/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/sagemakergeospatial/options.go b/service/sagemakergeospatial/options.go index 17a4d3a6fa5..790d988feb7 100644 --- a/service/sagemakergeospatial/options.go +++ b/service/sagemakergeospatial/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/sagemakermetrics/api_client.go b/service/sagemakermetrics/api_client.go index 15873ccf64a..7f12d4aa5af 100644 --- a/service/sagemakermetrics/api_client.go +++ b/service/sagemakermetrics/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/sagemakermetrics/auth.go b/service/sagemakermetrics/auth.go index 8c21d3ecd13..41df9148fad 100644 --- a/service/sagemakermetrics/auth.go +++ b/service/sagemakermetrics/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/sagemakermetrics/endpoints.go b/service/sagemakermetrics/endpoints.go index 69dde480346..384cab20df3 100644 --- a/service/sagemakermetrics/endpoints.go +++ b/service/sagemakermetrics/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/sagemakermetrics/options.go b/service/sagemakermetrics/options.go index 409ab3fa21a..3278889566c 100644 --- a/service/sagemakermetrics/options.go +++ b/service/sagemakermetrics/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/sagemakerruntime/api_client.go b/service/sagemakerruntime/api_client.go index 63e26ae23e0..1603eb6268b 100644 --- a/service/sagemakerruntime/api_client.go +++ b/service/sagemakerruntime/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -232,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -431,6 +433,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/sagemakerruntime/auth.go b/service/sagemakerruntime/auth.go index 70b7740ff98..80629060ea6 100644 --- a/service/sagemakerruntime/auth.go +++ b/service/sagemakerruntime/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/sagemakerruntime/endpoints.go b/service/sagemakerruntime/endpoints.go index c5cc9ef085d..eae619cf9a2 100644 --- a/service/sagemakerruntime/endpoints.go +++ b/service/sagemakerruntime/endpoints.go @@ -477,7 +477,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -507,6 +507,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -516,7 +520,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/sagemakerruntime/options.go b/service/sagemakerruntime/options.go index 30fab8f1581..259eced3e6f 100644 --- a/service/sagemakerruntime/options.go +++ b/service/sagemakerruntime/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/savingsplans/api_client.go b/service/savingsplans/api_client.go index 378706954f0..cc173f76fc9 100644 --- a/service/savingsplans/api_client.go +++ b/service/savingsplans/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/savingsplans/auth.go b/service/savingsplans/auth.go index 8cf18855e61..90cf478ee8c 100644 --- a/service/savingsplans/auth.go +++ b/service/savingsplans/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/savingsplans/endpoints.go b/service/savingsplans/endpoints.go index 8e8a6bbc0b8..76491593788 100644 --- a/service/savingsplans/endpoints.go +++ b/service/savingsplans/endpoints.go @@ -474,7 +474,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -504,6 +504,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -513,7 +517,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/savingsplans/options.go b/service/savingsplans/options.go index 0b0576a38f6..9aec5660b95 100644 --- a/service/savingsplans/options.go +++ b/service/savingsplans/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/scheduler/api_client.go b/service/scheduler/api_client.go index 8749fcb0916..13681af46ff 100644 --- a/service/scheduler/api_client.go +++ b/service/scheduler/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/scheduler/auth.go b/service/scheduler/auth.go index 6deb1919bb1..35af9e7be85 100644 --- a/service/scheduler/auth.go +++ b/service/scheduler/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/scheduler/endpoints.go b/service/scheduler/endpoints.go index fad8fd156c7..0c42ae210ba 100644 --- a/service/scheduler/endpoints.go +++ b/service/scheduler/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/scheduler/options.go b/service/scheduler/options.go index 5258e24cd94..d122cefc949 100644 --- a/service/scheduler/options.go +++ b/service/scheduler/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/schemas/api_client.go b/service/schemas/api_client.go index 8a0869fc601..0c844a6f32c 100644 --- a/service/schemas/api_client.go +++ b/service/schemas/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/schemas/auth.go b/service/schemas/auth.go index 482e04c18cd..5b52c80274c 100644 --- a/service/schemas/auth.go +++ b/service/schemas/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/schemas/endpoints.go b/service/schemas/endpoints.go index 500813661f7..e7f63f3d15e 100644 --- a/service/schemas/endpoints.go +++ b/service/schemas/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/schemas/options.go b/service/schemas/options.go index 82be4a2bb17..191963b33c4 100644 --- a/service/schemas/options.go +++ b/service/schemas/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/secretsmanager/api_client.go b/service/secretsmanager/api_client.go index 99c25849ba3..b177e106fc8 100644 --- a/service/secretsmanager/api_client.go +++ b/service/secretsmanager/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/secretsmanager/auth.go b/service/secretsmanager/auth.go index ff911710d8d..0b1d10070dd 100644 --- a/service/secretsmanager/auth.go +++ b/service/secretsmanager/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/secretsmanager/endpoints.go b/service/secretsmanager/endpoints.go index 347bcf0d595..7eba31e79ef 100644 --- a/service/secretsmanager/endpoints.go +++ b/service/secretsmanager/endpoints.go @@ -534,7 +534,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -564,6 +564,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -573,7 +577,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/secretsmanager/options.go b/service/secretsmanager/options.go index a8817523e98..bd6e020bccd 100644 --- a/service/secretsmanager/options.go +++ b/service/secretsmanager/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/securityhub/api_client.go b/service/securityhub/api_client.go index 4f6aefa66c9..f6f04b386f9 100644 --- a/service/securityhub/api_client.go +++ b/service/securityhub/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/securityhub/auth.go b/service/securityhub/auth.go index e0c22d1f710..d4c5b45c02d 100644 --- a/service/securityhub/auth.go +++ b/service/securityhub/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/securityhub/endpoints.go b/service/securityhub/endpoints.go index 12519f0f80e..a33af2388e0 100644 --- a/service/securityhub/endpoints.go +++ b/service/securityhub/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/securityhub/options.go b/service/securityhub/options.go index ac4e7ec6d08..48a0c6b5964 100644 --- a/service/securityhub/options.go +++ b/service/securityhub/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/securitylake/api_client.go b/service/securitylake/api_client.go index cbf658d2388..e7ecc1c32f1 100644 --- a/service/securitylake/api_client.go +++ b/service/securitylake/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/securitylake/auth.go b/service/securitylake/auth.go index 9dd7760a79f..de92091f36e 100644 --- a/service/securitylake/auth.go +++ b/service/securitylake/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/securitylake/endpoints.go b/service/securitylake/endpoints.go index 1e5a3c0310e..926f3b49a13 100644 --- a/service/securitylake/endpoints.go +++ b/service/securitylake/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/securitylake/options.go b/service/securitylake/options.go index 0e1d88c8a88..247be66d1e7 100644 --- a/service/securitylake/options.go +++ b/service/securitylake/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/serverlessapplicationrepository/api_client.go b/service/serverlessapplicationrepository/api_client.go index ade485b2d12..968ee894427 100644 --- a/service/serverlessapplicationrepository/api_client.go +++ b/service/serverlessapplicationrepository/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/serverlessapplicationrepository/auth.go b/service/serverlessapplicationrepository/auth.go index ebd835f7958..21dc33057ad 100644 --- a/service/serverlessapplicationrepository/auth.go +++ b/service/serverlessapplicationrepository/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/serverlessapplicationrepository/endpoints.go b/service/serverlessapplicationrepository/endpoints.go index 9ab530aa066..30136b335e7 100644 --- a/service/serverlessapplicationrepository/endpoints.go +++ b/service/serverlessapplicationrepository/endpoints.go @@ -458,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,6 +488,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/serverlessapplicationrepository/options.go b/service/serverlessapplicationrepository/options.go index be06d23b895..0288f10d34d 100644 --- a/service/serverlessapplicationrepository/options.go +++ b/service/serverlessapplicationrepository/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/servicecatalog/api_client.go b/service/servicecatalog/api_client.go index 014a8d75ff7..ddc92d4bf05 100644 --- a/service/servicecatalog/api_client.go +++ b/service/servicecatalog/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/servicecatalog/auth.go b/service/servicecatalog/auth.go index b524f9eb0c5..b0904bbc872 100644 --- a/service/servicecatalog/auth.go +++ b/service/servicecatalog/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/servicecatalog/endpoints.go b/service/servicecatalog/endpoints.go index 84fe4a0c737..92753fb4446 100644 --- a/service/servicecatalog/endpoints.go +++ b/service/servicecatalog/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/servicecatalog/options.go b/service/servicecatalog/options.go index a7ded309f4c..6e16f064407 100644 --- a/service/servicecatalog/options.go +++ b/service/servicecatalog/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/servicecatalogappregistry/api_client.go b/service/servicecatalogappregistry/api_client.go index 601a061cf53..36041d28886 100644 --- a/service/servicecatalogappregistry/api_client.go +++ b/service/servicecatalogappregistry/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/servicecatalogappregistry/auth.go b/service/servicecatalogappregistry/auth.go index 9be5e3dd121..d8c27964864 100644 --- a/service/servicecatalogappregistry/auth.go +++ b/service/servicecatalogappregistry/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/servicecatalogappregistry/endpoints.go b/service/servicecatalogappregistry/endpoints.go index f5146673933..eaab994375b 100644 --- a/service/servicecatalogappregistry/endpoints.go +++ b/service/servicecatalogappregistry/endpoints.go @@ -458,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,6 +488,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/servicecatalogappregistry/options.go b/service/servicecatalogappregistry/options.go index 73733a6f550..7a93e6fdd5c 100644 --- a/service/servicecatalogappregistry/options.go +++ b/service/servicecatalogappregistry/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/servicediscovery/api_client.go b/service/servicediscovery/api_client.go index 14b734ac9bd..310aa30d95e 100644 --- a/service/servicediscovery/api_client.go +++ b/service/servicediscovery/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/servicediscovery/auth.go b/service/servicediscovery/auth.go index d5461ba4751..01b2d97e9b2 100644 --- a/service/servicediscovery/auth.go +++ b/service/servicediscovery/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/servicediscovery/endpoints.go b/service/servicediscovery/endpoints.go index a00cf7b7df4..38910675833 100644 --- a/service/servicediscovery/endpoints.go +++ b/service/servicediscovery/endpoints.go @@ -496,7 +496,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -526,6 +526,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -535,7 +539,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/servicediscovery/options.go b/service/servicediscovery/options.go index 340a4980aa2..43a4f4c6c87 100644 --- a/service/servicediscovery/options.go +++ b/service/servicediscovery/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/servicequotas/api_client.go b/service/servicequotas/api_client.go index 88ffac5cb6c..27f0a0c50a0 100644 --- a/service/servicequotas/api_client.go +++ b/service/servicequotas/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/servicequotas/auth.go b/service/servicequotas/auth.go index ceed199dc8f..41df3e5eb41 100644 --- a/service/servicequotas/auth.go +++ b/service/servicequotas/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/servicequotas/endpoints.go b/service/servicequotas/endpoints.go index 8c9177c6305..9f94250b97f 100644 --- a/service/servicequotas/endpoints.go +++ b/service/servicequotas/endpoints.go @@ -458,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,6 +488,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/servicequotas/options.go b/service/servicequotas/options.go index fb84fcd2073..cbc4267ca49 100644 --- a/service/servicequotas/options.go +++ b/service/servicequotas/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ses/api_client.go b/service/ses/api_client.go index d8f0eef5b57..b08d56334aa 100644 --- a/service/ses/api_client.go +++ b/service/ses/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/ses/auth.go b/service/ses/auth.go index d8b13cc7ba2..2e28ac7d595 100644 --- a/service/ses/auth.go +++ b/service/ses/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ses/endpoints.go b/service/ses/endpoints.go index 9996efb86e7..d0fb61f2a31 100644 --- a/service/ses/endpoints.go +++ b/service/ses/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ses/options.go b/service/ses/options.go index 4228f8c9284..9e83a800c68 100644 --- a/service/ses/options.go +++ b/service/ses/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/sesv2/api_client.go b/service/sesv2/api_client.go index 07eee0aa560..1b104fcf8d9 100644 --- a/service/sesv2/api_client.go +++ b/service/sesv2/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/sesv2/auth.go b/service/sesv2/auth.go index 394c55f4eb3..b53b98bf037 100644 --- a/service/sesv2/auth.go +++ b/service/sesv2/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/sesv2/endpoints.go b/service/sesv2/endpoints.go index d5ef5240c72..67660395c8c 100644 --- a/service/sesv2/endpoints.go +++ b/service/sesv2/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/sesv2/options.go b/service/sesv2/options.go index 8c495a0a7bc..47ca0bf1425 100644 --- a/service/sesv2/options.go +++ b/service/sesv2/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/sfn/api_client.go b/service/sfn/api_client.go index 2d0e82da400..4a9a3b505e0 100644 --- a/service/sfn/api_client.go +++ b/service/sfn/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/sfn/auth.go b/service/sfn/auth.go index 1322e8d24ba..69e2d0d3805 100644 --- a/service/sfn/auth.go +++ b/service/sfn/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/sfn/endpoints.go b/service/sfn/endpoints.go index 3fa62e78d19..9d6cdc5d069 100644 --- a/service/sfn/endpoints.go +++ b/service/sfn/endpoints.go @@ -452,7 +452,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -482,6 +482,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -491,7 +495,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/sfn/options.go b/service/sfn/options.go index dd620811879..2e91719df61 100644 --- a/service/sfn/options.go +++ b/service/sfn/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/shield/api_client.go b/service/shield/api_client.go index 521f9b352fa..10a2ed84fe5 100644 --- a/service/shield/api_client.go +++ b/service/shield/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/shield/auth.go b/service/shield/auth.go index 153d4e905cf..d97484595bf 100644 --- a/service/shield/auth.go +++ b/service/shield/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/shield/endpoints.go b/service/shield/endpoints.go index 8a6f9e38aa2..e281a73a020 100644 --- a/service/shield/endpoints.go +++ b/service/shield/endpoints.go @@ -508,7 +508,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -538,6 +538,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -547,7 +551,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/shield/options.go b/service/shield/options.go index 7bcfe299f36..f0e2240502c 100644 --- a/service/shield/options.go +++ b/service/shield/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/signer/api_client.go b/service/signer/api_client.go index d4eaba85662..650fbdd3aaa 100644 --- a/service/signer/api_client.go +++ b/service/signer/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/signer/auth.go b/service/signer/auth.go index 873472ff6c1..4e2be94eff4 100644 --- a/service/signer/auth.go +++ b/service/signer/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/signer/endpoints.go b/service/signer/endpoints.go index e4dbaa11f14..0291a094ead 100644 --- a/service/signer/endpoints.go +++ b/service/signer/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/signer/options.go b/service/signer/options.go index 5b89a761c1f..025b600fcdb 100644 --- a/service/signer/options.go +++ b/service/signer/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/simspaceweaver/api_client.go b/service/simspaceweaver/api_client.go index bd91384e232..2a7311840d6 100644 --- a/service/simspaceweaver/api_client.go +++ b/service/simspaceweaver/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/simspaceweaver/auth.go b/service/simspaceweaver/auth.go index 13155737ce6..ec9b2932e0e 100644 --- a/service/simspaceweaver/auth.go +++ b/service/simspaceweaver/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/simspaceweaver/endpoints.go b/service/simspaceweaver/endpoints.go index 685fa035ecb..9f769367841 100644 --- a/service/simspaceweaver/endpoints.go +++ b/service/simspaceweaver/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/simspaceweaver/options.go b/service/simspaceweaver/options.go index 658f08ee598..a87ae16ab5e 100644 --- a/service/simspaceweaver/options.go +++ b/service/simspaceweaver/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/sms/api_client.go b/service/sms/api_client.go index 6dc843ea16b..6a07d2819fd 100644 --- a/service/sms/api_client.go +++ b/service/sms/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/sms/auth.go b/service/sms/auth.go index 3409c153804..8d6039e6eee 100644 --- a/service/sms/auth.go +++ b/service/sms/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/sms/endpoints.go b/service/sms/endpoints.go index dc2547cdf33..760e1a81fc5 100644 --- a/service/sms/endpoints.go +++ b/service/sms/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/sms/options.go b/service/sms/options.go index e664fe1ab67..da5627ca23e 100644 --- a/service/sms/options.go +++ b/service/sms/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/snowball/api_client.go b/service/snowball/api_client.go index cc3db20eeae..d0bcb3eeeee 100644 --- a/service/snowball/api_client.go +++ b/service/snowball/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/snowball/auth.go b/service/snowball/auth.go index 51a68ca8409..a63b7c5331a 100644 --- a/service/snowball/auth.go +++ b/service/snowball/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/snowball/endpoints.go b/service/snowball/endpoints.go index 88416e35ee3..90e0c3cb73f 100644 --- a/service/snowball/endpoints.go +++ b/service/snowball/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/snowball/options.go b/service/snowball/options.go index 6a2215c6ee6..3f980009108 100644 --- a/service/snowball/options.go +++ b/service/snowball/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/snowdevicemanagement/api_client.go b/service/snowdevicemanagement/api_client.go index 82c9c24d13f..14fb5ad0e94 100644 --- a/service/snowdevicemanagement/api_client.go +++ b/service/snowdevicemanagement/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/snowdevicemanagement/auth.go b/service/snowdevicemanagement/auth.go index 49885783d79..6104a71a789 100644 --- a/service/snowdevicemanagement/auth.go +++ b/service/snowdevicemanagement/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/snowdevicemanagement/endpoints.go b/service/snowdevicemanagement/endpoints.go index 7794ab1d240..4aeefe1dd6c 100644 --- a/service/snowdevicemanagement/endpoints.go +++ b/service/snowdevicemanagement/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/snowdevicemanagement/options.go b/service/snowdevicemanagement/options.go index a23aaa58de7..8768c901e01 100644 --- a/service/snowdevicemanagement/options.go +++ b/service/snowdevicemanagement/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/sns/api_client.go b/service/sns/api_client.go index f9f49a4a169..e885f55fc21 100644 --- a/service/sns/api_client.go +++ b/service/sns/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/sns/auth.go b/service/sns/auth.go index 136bcc44ccc..dacc596c606 100644 --- a/service/sns/auth.go +++ b/service/sns/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/sns/endpoints.go b/service/sns/endpoints.go index 57a5d562876..ed31c81ec47 100644 --- a/service/sns/endpoints.go +++ b/service/sns/endpoints.go @@ -465,7 +465,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -495,6 +495,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -504,7 +508,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/sns/options.go b/service/sns/options.go index 164bc9fd80b..420dc9fac5c 100644 --- a/service/sns/options.go +++ b/service/sns/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/sqs/api_client.go b/service/sqs/api_client.go index 078e5a039b1..16dbec289c9 100644 --- a/service/sqs/api_client.go +++ b/service/sqs/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/sqs/auth.go b/service/sqs/auth.go index 22607b3fb91..820536ccb3b 100644 --- a/service/sqs/auth.go +++ b/service/sqs/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/sqs/endpoints.go b/service/sqs/endpoints.go index 4f9a68efbbe..d16ba07712b 100644 --- a/service/sqs/endpoints.go +++ b/service/sqs/endpoints.go @@ -458,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,6 +488,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/sqs/options.go b/service/sqs/options.go index ce3b7c08a4f..394c3ca89c9 100644 --- a/service/sqs/options.go +++ b/service/sqs/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ssm/api_client.go b/service/ssm/api_client.go index 973f468d6cc..9354d412597 100644 --- a/service/ssm/api_client.go +++ b/service/ssm/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/ssm/auth.go b/service/ssm/auth.go index bad85d052dc..22cb7c4be67 100644 --- a/service/ssm/auth.go +++ b/service/ssm/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ssm/endpoints.go b/service/ssm/endpoints.go index 4cd4e2f7005..6fc7227c423 100644 --- a/service/ssm/endpoints.go +++ b/service/ssm/endpoints.go @@ -458,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,6 +488,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ssm/options.go b/service/ssm/options.go index 197dfd32601..468609f83fb 100644 --- a/service/ssm/options.go +++ b/service/ssm/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ssmcontacts/api_client.go b/service/ssmcontacts/api_client.go index 2d5df6a118c..d4de83cd3b9 100644 --- a/service/ssmcontacts/api_client.go +++ b/service/ssmcontacts/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/ssmcontacts/auth.go b/service/ssmcontacts/auth.go index 09b1868c310..55458687770 100644 --- a/service/ssmcontacts/auth.go +++ b/service/ssmcontacts/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ssmcontacts/endpoints.go b/service/ssmcontacts/endpoints.go index b10d9225b07..f9f4793258e 100644 --- a/service/ssmcontacts/endpoints.go +++ b/service/ssmcontacts/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ssmcontacts/options.go b/service/ssmcontacts/options.go index 33962843fa0..67ce693c8c5 100644 --- a/service/ssmcontacts/options.go +++ b/service/ssmcontacts/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ssmincidents/api_client.go b/service/ssmincidents/api_client.go index 051d9b9ec25..2ce06115d3e 100644 --- a/service/ssmincidents/api_client.go +++ b/service/ssmincidents/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/ssmincidents/auth.go b/service/ssmincidents/auth.go index 6ea64afa132..d0f00d2ebd7 100644 --- a/service/ssmincidents/auth.go +++ b/service/ssmincidents/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ssmincidents/endpoints.go b/service/ssmincidents/endpoints.go index b53257d9c7d..ac91dcee3f7 100644 --- a/service/ssmincidents/endpoints.go +++ b/service/ssmincidents/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ssmincidents/options.go b/service/ssmincidents/options.go index 4e460d6bae7..1cc09fab8c5 100644 --- a/service/ssmincidents/options.go +++ b/service/ssmincidents/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ssmsap/api_client.go b/service/ssmsap/api_client.go index 9fa396085f0..464a7dcc822 100644 --- a/service/ssmsap/api_client.go +++ b/service/ssmsap/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/ssmsap/auth.go b/service/ssmsap/auth.go index 97794fe045c..1007f7a61af 100644 --- a/service/ssmsap/auth.go +++ b/service/ssmsap/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ssmsap/endpoints.go b/service/ssmsap/endpoints.go index 88aa38c01f2..dad696d0090 100644 --- a/service/ssmsap/endpoints.go +++ b/service/ssmsap/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ssmsap/options.go b/service/ssmsap/options.go index 5d87320d021..3738a2adf60 100644 --- a/service/ssmsap/options.go +++ b/service/ssmsap/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/sso/api_client.go b/service/sso/api_client.go index e439699253b..5491b862acc 100644 --- a/service/sso/api_client.go +++ b/service/sso/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/sso/auth.go b/service/sso/auth.go index 3b28e825dd0..a93a77cd7fe 100644 --- a/service/sso/auth.go +++ b/service/sso/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -169,7 +169,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/sso/endpoints.go b/service/sso/endpoints.go index d31380cf283..8ed00cdb538 100644 --- a/service/sso/endpoints.go +++ b/service/sso/endpoints.go @@ -458,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,6 +488,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/sso/options.go b/service/sso/options.go index 5dee7e53f47..2cf26ad0596 100644 --- a/service/sso/options.go +++ b/service/sso/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ssoadmin/api_client.go b/service/ssoadmin/api_client.go index 55a0d66be7d..0e860f533f0 100644 --- a/service/ssoadmin/api_client.go +++ b/service/ssoadmin/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/ssoadmin/auth.go b/service/ssoadmin/auth.go index 1e646df3446..adc19d3303b 100644 --- a/service/ssoadmin/auth.go +++ b/service/ssoadmin/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ssoadmin/endpoints.go b/service/ssoadmin/endpoints.go index 97ab01ada72..97782fc469d 100644 --- a/service/ssoadmin/endpoints.go +++ b/service/ssoadmin/endpoints.go @@ -458,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,6 +488,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ssoadmin/options.go b/service/ssoadmin/options.go index 19a73da494a..929ec40307c 100644 --- a/service/ssoadmin/options.go +++ b/service/ssoadmin/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/ssooidc/api_client.go b/service/ssooidc/api_client.go index fed0897390b..3494e0bc926 100644 --- a/service/ssooidc/api_client.go +++ b/service/ssooidc/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/ssooidc/auth.go b/service/ssooidc/auth.go index 40b3becb9f2..e6058da813f 100644 --- a/service/ssooidc/auth.go +++ b/service/ssooidc/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -163,7 +163,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/ssooidc/endpoints.go b/service/ssooidc/endpoints.go index 85b87089026..9a032739c74 100644 --- a/service/ssooidc/endpoints.go +++ b/service/ssooidc/endpoints.go @@ -458,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,6 +488,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/ssooidc/options.go b/service/ssooidc/options.go index b964e7e1090..531e12b4e3d 100644 --- a/service/ssooidc/options.go +++ b/service/ssooidc/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/storagegateway/api_client.go b/service/storagegateway/api_client.go index 63cd7792ecb..99550e379d1 100644 --- a/service/storagegateway/api_client.go +++ b/service/storagegateway/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/storagegateway/auth.go b/service/storagegateway/auth.go index d269b16dcfe..3975f973fc3 100644 --- a/service/storagegateway/auth.go +++ b/service/storagegateway/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/storagegateway/endpoints.go b/service/storagegateway/endpoints.go index 91d7adf8dfd..7a0cb4a3f45 100644 --- a/service/storagegateway/endpoints.go +++ b/service/storagegateway/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/storagegateway/options.go b/service/storagegateway/options.go index 56242643334..da3058d0602 100644 --- a/service/storagegateway/options.go +++ b/service/storagegateway/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/sts/api_client.go b/service/sts/api_client.go index 369de83b8bc..207d84532ef 100644 --- a/service/sts/api_client.go +++ b/service/sts/api_client.go @@ -18,6 +18,7 @@ import ( acceptencodingcust "github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding" presignedurlcust "github.com/aws/aws-sdk-go-v2/service/internal/presigned-url" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -432,6 +434,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/sts/auth.go b/service/sts/auth.go index 9db5bfd4348..e842a7f7e8e 100644 --- a/service/sts/auth.go +++ b/service/sts/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -157,7 +157,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/sts/endpoints.go b/service/sts/endpoints.go index 9f7932f9a06..cba7529846c 100644 --- a/service/sts/endpoints.go +++ b/service/sts/endpoints.go @@ -1038,7 +1038,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -1068,6 +1068,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -1077,7 +1081,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/sts/options.go b/service/sts/options.go index 5c1be79f8c0..1cc9ac673ea 100644 --- a/service/sts/options.go +++ b/service/sts/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/supplychain/api_client.go b/service/supplychain/api_client.go index 83ca4d3e457..0b417e77865 100644 --- a/service/supplychain/api_client.go +++ b/service/supplychain/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/supplychain/auth.go b/service/supplychain/auth.go index dd9c57b6702..ce6f3ca34d1 100644 --- a/service/supplychain/auth.go +++ b/service/supplychain/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/supplychain/endpoints.go b/service/supplychain/endpoints.go index b8e7fc27f5d..ad73fa6028d 100644 --- a/service/supplychain/endpoints.go +++ b/service/supplychain/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/supplychain/options.go b/service/supplychain/options.go index 197e9c8a081..65edc9618b7 100644 --- a/service/supplychain/options.go +++ b/service/supplychain/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/support/api_client.go b/service/support/api_client.go index 26c69a172e5..b20ec49fe91 100644 --- a/service/support/api_client.go +++ b/service/support/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/support/auth.go b/service/support/auth.go index f0e15a2b911..872c9ab8de2 100644 --- a/service/support/auth.go +++ b/service/support/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/support/endpoints.go b/service/support/endpoints.go index 78320a6dea0..92515f23329 100644 --- a/service/support/endpoints.go +++ b/service/support/endpoints.go @@ -610,7 +610,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -640,6 +640,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -649,7 +653,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/support/options.go b/service/support/options.go index 69b1659dd46..2720c6e93cb 100644 --- a/service/support/options.go +++ b/service/support/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/supportapp/api_client.go b/service/supportapp/api_client.go index 6c07bd2471d..b6d8e168d3a 100644 --- a/service/supportapp/api_client.go +++ b/service/supportapp/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/supportapp/auth.go b/service/supportapp/auth.go index 92a79c6d6c2..45cad5a9d54 100644 --- a/service/supportapp/auth.go +++ b/service/supportapp/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/supportapp/endpoints.go b/service/supportapp/endpoints.go index 463f926d78c..d885093385a 100644 --- a/service/supportapp/endpoints.go +++ b/service/supportapp/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/supportapp/options.go b/service/supportapp/options.go index 673b81f421e..608224c80f0 100644 --- a/service/supportapp/options.go +++ b/service/supportapp/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/swf/api_client.go b/service/swf/api_client.go index 5c96e1b3b7b..776981be579 100644 --- a/service/swf/api_client.go +++ b/service/swf/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/swf/auth.go b/service/swf/auth.go index a65f2703925..a65c234c207 100644 --- a/service/swf/auth.go +++ b/service/swf/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/swf/endpoints.go b/service/swf/endpoints.go index 3ce4e00f7d0..a350f7a5f81 100644 --- a/service/swf/endpoints.go +++ b/service/swf/endpoints.go @@ -458,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,6 +488,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/swf/options.go b/service/swf/options.go index bdd7ae4f100..f588042c724 100644 --- a/service/swf/options.go +++ b/service/swf/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/synthetics/api_client.go b/service/synthetics/api_client.go index d4e227181a1..7e653850f3c 100644 --- a/service/synthetics/api_client.go +++ b/service/synthetics/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/synthetics/auth.go b/service/synthetics/auth.go index e4c639e0d5b..75b2f097719 100644 --- a/service/synthetics/auth.go +++ b/service/synthetics/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/synthetics/endpoints.go b/service/synthetics/endpoints.go index a06c0238657..ea5679d648c 100644 --- a/service/synthetics/endpoints.go +++ b/service/synthetics/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/synthetics/options.go b/service/synthetics/options.go index 58706c4623f..e738700fa56 100644 --- a/service/synthetics/options.go +++ b/service/synthetics/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/textract/api_client.go b/service/textract/api_client.go index 396aa5e859a..605b4fb237c 100644 --- a/service/textract/api_client.go +++ b/service/textract/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/textract/auth.go b/service/textract/auth.go index 84f5509736d..fe0143c5a8a 100644 --- a/service/textract/auth.go +++ b/service/textract/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/textract/endpoints.go b/service/textract/endpoints.go index a269fce1fe4..a9ae881b873 100644 --- a/service/textract/endpoints.go +++ b/service/textract/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/textract/options.go b/service/textract/options.go index 3196d15dc46..54c11ea5c4a 100644 --- a/service/textract/options.go +++ b/service/textract/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/timestreamquery/api_client.go b/service/timestreamquery/api_client.go index 38d59291619..edd1094e0b9 100644 --- a/service/timestreamquery/api_client.go +++ b/service/timestreamquery/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalEndpointDiscovery "github.com/aws/aws-sdk-go-v2/service/internal/endpoint-discovery" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -244,15 +245,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -547,6 +549,37 @@ func (c *Client) handleEndpointDiscoveryFromService(ctx context.Context, input * return endpoint, nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/timestreamquery/auth.go b/service/timestreamquery/auth.go index 2465a26d10d..bca4f40d304 100644 --- a/service/timestreamquery/auth.go +++ b/service/timestreamquery/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/timestreamquery/endpoints.go b/service/timestreamquery/endpoints.go index a51df9d2afe..a30add6436d 100644 --- a/service/timestreamquery/endpoints.go +++ b/service/timestreamquery/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/timestreamquery/options.go b/service/timestreamquery/options.go index 63731806d26..8b4dd6cbf12 100644 --- a/service/timestreamquery/options.go +++ b/service/timestreamquery/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/timestreamwrite/api_client.go b/service/timestreamwrite/api_client.go index 9faa3c21310..a66aa0acdff 100644 --- a/service/timestreamwrite/api_client.go +++ b/service/timestreamwrite/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalEndpointDiscovery "github.com/aws/aws-sdk-go-v2/service/internal/endpoint-discovery" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -244,15 +245,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -547,6 +549,37 @@ func (c *Client) handleEndpointDiscoveryFromService(ctx context.Context, input * return endpoint, nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/timestreamwrite/auth.go b/service/timestreamwrite/auth.go index 60a82021688..f537cb0ed21 100644 --- a/service/timestreamwrite/auth.go +++ b/service/timestreamwrite/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/timestreamwrite/endpoints.go b/service/timestreamwrite/endpoints.go index 59271f0e4b5..8c482eb1436 100644 --- a/service/timestreamwrite/endpoints.go +++ b/service/timestreamwrite/endpoints.go @@ -458,7 +458,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -488,6 +488,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -497,7 +501,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/timestreamwrite/options.go b/service/timestreamwrite/options.go index d5fe7e8d723..cc5136319b8 100644 --- a/service/timestreamwrite/options.go +++ b/service/timestreamwrite/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/tnb/api_client.go b/service/tnb/api_client.go index 19c5b75c2c4..b705d7e3ca5 100644 --- a/service/tnb/api_client.go +++ b/service/tnb/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/tnb/auth.go b/service/tnb/auth.go index 1da0161e821..f722b5eb49b 100644 --- a/service/tnb/auth.go +++ b/service/tnb/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/tnb/endpoints.go b/service/tnb/endpoints.go index bd23bb12baf..99ef4f1aff1 100644 --- a/service/tnb/endpoints.go +++ b/service/tnb/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/tnb/options.go b/service/tnb/options.go index 8c585deba7a..badbc054a74 100644 --- a/service/tnb/options.go +++ b/service/tnb/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/transcribe/api_client.go b/service/transcribe/api_client.go index b4bba7691f9..fa4a372f539 100644 --- a/service/transcribe/api_client.go +++ b/service/transcribe/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/transcribe/auth.go b/service/transcribe/auth.go index 1c7d78b943b..fb1991e1bff 100644 --- a/service/transcribe/auth.go +++ b/service/transcribe/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/transcribe/endpoints.go b/service/transcribe/endpoints.go index 8b57b310855..8b1dde77118 100644 --- a/service/transcribe/endpoints.go +++ b/service/transcribe/endpoints.go @@ -503,7 +503,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -533,6 +533,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -542,7 +546,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/transcribe/options.go b/service/transcribe/options.go index 6960421abe6..9ebc6befd80 100644 --- a/service/transcribe/options.go +++ b/service/transcribe/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/transcribestreaming/api_client.go b/service/transcribestreaming/api_client.go index f051ff0f631..aaf1937be68 100644 --- a/service/transcribestreaming/api_client.go +++ b/service/transcribestreaming/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -232,15 +233,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -431,6 +433,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/transcribestreaming/auth.go b/service/transcribestreaming/auth.go index 2fe6c8b9f3d..1ce8cbe3987 100644 --- a/service/transcribestreaming/auth.go +++ b/service/transcribestreaming/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/transcribestreaming/endpoints.go b/service/transcribestreaming/endpoints.go index 09dc0517777..db37405bdb8 100644 --- a/service/transcribestreaming/endpoints.go +++ b/service/transcribestreaming/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/transcribestreaming/options.go b/service/transcribestreaming/options.go index 29197d36f90..84917c51b81 100644 --- a/service/transcribestreaming/options.go +++ b/service/transcribestreaming/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/transfer/api_client.go b/service/transfer/api_client.go index 1c62f466764..8be8441bf28 100644 --- a/service/transfer/api_client.go +++ b/service/transfer/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/transfer/auth.go b/service/transfer/auth.go index 95de6b8fd2c..d629eca1286 100644 --- a/service/transfer/auth.go +++ b/service/transfer/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/transfer/endpoints.go b/service/transfer/endpoints.go index 59ae020d821..aa0bb42a3b9 100644 --- a/service/transfer/endpoints.go +++ b/service/transfer/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/transfer/options.go b/service/transfer/options.go index d78c3b1b72c..b62248c7763 100644 --- a/service/transfer/options.go +++ b/service/transfer/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/translate/api_client.go b/service/translate/api_client.go index 146d04c4aaf..5fb2d661806 100644 --- a/service/translate/api_client.go +++ b/service/translate/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/translate/auth.go b/service/translate/auth.go index f791a4e28e4..2790ad7fc76 100644 --- a/service/translate/auth.go +++ b/service/translate/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/translate/endpoints.go b/service/translate/endpoints.go index 94affb07744..5f33ac7ce5d 100644 --- a/service/translate/endpoints.go +++ b/service/translate/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/translate/options.go b/service/translate/options.go index 2ce6b77d68d..56ad1b5f31a 100644 --- a/service/translate/options.go +++ b/service/translate/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/trustedadvisor/api_client.go b/service/trustedadvisor/api_client.go index 599b9cc5576..1c346ecb09e 100644 --- a/service/trustedadvisor/api_client.go +++ b/service/trustedadvisor/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/trustedadvisor/auth.go b/service/trustedadvisor/auth.go index 9cb3a4bb1c9..54534fa6703 100644 --- a/service/trustedadvisor/auth.go +++ b/service/trustedadvisor/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/trustedadvisor/endpoints.go b/service/trustedadvisor/endpoints.go index 0b0a40d85c8..cf15d6f86f9 100644 --- a/service/trustedadvisor/endpoints.go +++ b/service/trustedadvisor/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/trustedadvisor/options.go b/service/trustedadvisor/options.go index 4114ac3e216..7fe8d653591 100644 --- a/service/trustedadvisor/options.go +++ b/service/trustedadvisor/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/verifiedpermissions/api_client.go b/service/verifiedpermissions/api_client.go index ff4a9917886..f77b7da0695 100644 --- a/service/verifiedpermissions/api_client.go +++ b/service/verifiedpermissions/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/verifiedpermissions/auth.go b/service/verifiedpermissions/auth.go index 540779edade..4880bc2f7b4 100644 --- a/service/verifiedpermissions/auth.go +++ b/service/verifiedpermissions/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/verifiedpermissions/endpoints.go b/service/verifiedpermissions/endpoints.go index 4e7b394938f..8963eb9e3e6 100644 --- a/service/verifiedpermissions/endpoints.go +++ b/service/verifiedpermissions/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/verifiedpermissions/options.go b/service/verifiedpermissions/options.go index d31ad4c9c98..3fe5a7e9ad0 100644 --- a/service/verifiedpermissions/options.go +++ b/service/verifiedpermissions/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/voiceid/api_client.go b/service/voiceid/api_client.go index 5c0c7c63fa6..98b3099eb20 100644 --- a/service/voiceid/api_client.go +++ b/service/voiceid/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/voiceid/auth.go b/service/voiceid/auth.go index c5f2ae669c6..68f49e019ba 100644 --- a/service/voiceid/auth.go +++ b/service/voiceid/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/voiceid/endpoints.go b/service/voiceid/endpoints.go index 4132bd0020f..4b933880222 100644 --- a/service/voiceid/endpoints.go +++ b/service/voiceid/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/voiceid/options.go b/service/voiceid/options.go index cb30aaf68fc..7c0befd8fd9 100644 --- a/service/voiceid/options.go +++ b/service/voiceid/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/vpclattice/api_client.go b/service/vpclattice/api_client.go index c860cb1cc15..86ca5ac55b8 100644 --- a/service/vpclattice/api_client.go +++ b/service/vpclattice/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/vpclattice/auth.go b/service/vpclattice/auth.go index 4fa45714d18..9d1d4dd9988 100644 --- a/service/vpclattice/auth.go +++ b/service/vpclattice/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/vpclattice/endpoints.go b/service/vpclattice/endpoints.go index acafbf6ac62..8b761372d48 100644 --- a/service/vpclattice/endpoints.go +++ b/service/vpclattice/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/vpclattice/options.go b/service/vpclattice/options.go index 791d3a84876..04a89c071b7 100644 --- a/service/vpclattice/options.go +++ b/service/vpclattice/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/waf/api_client.go b/service/waf/api_client.go index 0107b47b9d7..351140aaf53 100644 --- a/service/waf/api_client.go +++ b/service/waf/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/waf/auth.go b/service/waf/auth.go index 8d84b8a0f06..5cfd392f605 100644 --- a/service/waf/auth.go +++ b/service/waf/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/waf/endpoints.go b/service/waf/endpoints.go index d9444a94e41..31009502d30 100644 --- a/service/waf/endpoints.go +++ b/service/waf/endpoints.go @@ -508,7 +508,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -538,6 +538,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -547,7 +551,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/waf/options.go b/service/waf/options.go index 759f9257429..f5e336562af 100644 --- a/service/waf/options.go +++ b/service/waf/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/wafregional/api_client.go b/service/wafregional/api_client.go index 2da6ab3bc40..7b05707afcd 100644 --- a/service/wafregional/api_client.go +++ b/service/wafregional/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/wafregional/auth.go b/service/wafregional/auth.go index cb5fa2387ca..b2ba909dbd8 100644 --- a/service/wafregional/auth.go +++ b/service/wafregional/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/wafregional/endpoints.go b/service/wafregional/endpoints.go index 23a76094677..93b32c587fd 100644 --- a/service/wafregional/endpoints.go +++ b/service/wafregional/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/wafregional/options.go b/service/wafregional/options.go index 8139ebd1ed6..32d0f6af67e 100644 --- a/service/wafregional/options.go +++ b/service/wafregional/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/wafv2/api_client.go b/service/wafv2/api_client.go index abd5886dd2a..9a74f7b6ea3 100644 --- a/service/wafv2/api_client.go +++ b/service/wafv2/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/wafv2/auth.go b/service/wafv2/auth.go index 79526df359d..e9bea4864ea 100644 --- a/service/wafv2/auth.go +++ b/service/wafv2/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/wafv2/endpoints.go b/service/wafv2/endpoints.go index 4bbf22037c4..6163fb2abd0 100644 --- a/service/wafv2/endpoints.go +++ b/service/wafv2/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/wafv2/options.go b/service/wafv2/options.go index 90a71b90531..48820a42a4f 100644 --- a/service/wafv2/options.go +++ b/service/wafv2/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/wellarchitected/api_client.go b/service/wellarchitected/api_client.go index 02c2a23882d..c0465675f3f 100644 --- a/service/wellarchitected/api_client.go +++ b/service/wellarchitected/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/wellarchitected/auth.go b/service/wellarchitected/auth.go index 23a4124917a..a864ad09d1f 100644 --- a/service/wellarchitected/auth.go +++ b/service/wellarchitected/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/wellarchitected/endpoints.go b/service/wellarchitected/endpoints.go index 5a355385166..9b58dd47220 100644 --- a/service/wellarchitected/endpoints.go +++ b/service/wellarchitected/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/wellarchitected/options.go b/service/wellarchitected/options.go index 5b2102017ec..d90039398f0 100644 --- a/service/wellarchitected/options.go +++ b/service/wellarchitected/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/wisdom/api_client.go b/service/wisdom/api_client.go index 2cc5c36571e..bad899e58e1 100644 --- a/service/wisdom/api_client.go +++ b/service/wisdom/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/wisdom/auth.go b/service/wisdom/auth.go index cc7e3e81155..386e4c55d5d 100644 --- a/service/wisdom/auth.go +++ b/service/wisdom/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/wisdom/endpoints.go b/service/wisdom/endpoints.go index 528ee8fc173..523917f479c 100644 --- a/service/wisdom/endpoints.go +++ b/service/wisdom/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/wisdom/options.go b/service/wisdom/options.go index 5dcadba3b04..a3122e0e65a 100644 --- a/service/wisdom/options.go +++ b/service/wisdom/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/workdocs/api_client.go b/service/workdocs/api_client.go index 836b32180b7..efd0b69c4e6 100644 --- a/service/workdocs/api_client.go +++ b/service/workdocs/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/workdocs/auth.go b/service/workdocs/auth.go index 36e28d60a8f..296ba22fb87 100644 --- a/service/workdocs/auth.go +++ b/service/workdocs/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/workdocs/endpoints.go b/service/workdocs/endpoints.go index da26b7a8294..11a2b49650c 100644 --- a/service/workdocs/endpoints.go +++ b/service/workdocs/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/workdocs/options.go b/service/workdocs/options.go index df4739d4291..2be4a7998ea 100644 --- a/service/workdocs/options.go +++ b/service/workdocs/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/worklink/api_client.go b/service/worklink/api_client.go index 4a8645683cd..52fcd078b39 100644 --- a/service/worklink/api_client.go +++ b/service/worklink/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/worklink/auth.go b/service/worklink/auth.go index 1dca21562bd..e2206c168f2 100644 --- a/service/worklink/auth.go +++ b/service/worklink/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/worklink/endpoints.go b/service/worklink/endpoints.go index 4cbe69f70ca..791e1004f2c 100644 --- a/service/worklink/endpoints.go +++ b/service/worklink/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/worklink/options.go b/service/worklink/options.go index 56b4993937b..50a2a9f9fb6 100644 --- a/service/worklink/options.go +++ b/service/worklink/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/workmail/api_client.go b/service/workmail/api_client.go index 746f8625375..92457370e93 100644 --- a/service/workmail/api_client.go +++ b/service/workmail/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -233,15 +234,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -439,6 +441,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/workmail/auth.go b/service/workmail/auth.go index 4a967cad3ff..90dc5a47a0b 100644 --- a/service/workmail/auth.go +++ b/service/workmail/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/workmail/endpoints.go b/service/workmail/endpoints.go index 4de2592b178..b1ec5f39be6 100644 --- a/service/workmail/endpoints.go +++ b/service/workmail/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/workmail/options.go b/service/workmail/options.go index cb93eca48f2..60064981153 100644 --- a/service/workmail/options.go +++ b/service/workmail/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/workmailmessageflow/api_client.go b/service/workmailmessageflow/api_client.go index 2a399897e47..aa0917dba19 100644 --- a/service/workmailmessageflow/api_client.go +++ b/service/workmailmessageflow/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -230,15 +231,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -429,6 +431,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/workmailmessageflow/auth.go b/service/workmailmessageflow/auth.go index aa173cd2cdf..5ea3f483097 100644 --- a/service/workmailmessageflow/auth.go +++ b/service/workmailmessageflow/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/workmailmessageflow/endpoints.go b/service/workmailmessageflow/endpoints.go index cf3a237159b..c9de61576c1 100644 --- a/service/workmailmessageflow/endpoints.go +++ b/service/workmailmessageflow/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/workmailmessageflow/options.go b/service/workmailmessageflow/options.go index c8cbc66d0ba..3005375ba28 100644 --- a/service/workmailmessageflow/options.go +++ b/service/workmailmessageflow/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/workspaces/api_client.go b/service/workspaces/api_client.go index 75bdb930596..d55ef0b4388 100644 --- a/service/workspaces/api_client.go +++ b/service/workspaces/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/workspaces/auth.go b/service/workspaces/auth.go index b42be4d1fd9..628fda87a1c 100644 --- a/service/workspaces/auth.go +++ b/service/workspaces/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/workspaces/endpoints.go b/service/workspaces/endpoints.go index 69aed03d235..fe3451ab7b2 100644 --- a/service/workspaces/endpoints.go +++ b/service/workspaces/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/workspaces/options.go b/service/workspaces/options.go index ba469893f0b..2c3b45bd790 100644 --- a/service/workspaces/options.go +++ b/service/workspaces/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/workspacesthinclient/api_client.go b/service/workspacesthinclient/api_client.go index 431023ed515..1bff9df020d 100644 --- a/service/workspacesthinclient/api_client.go +++ b/service/workspacesthinclient/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/workspacesthinclient/auth.go b/service/workspacesthinclient/auth.go index 58483371f89..55fb933f7a9 100644 --- a/service/workspacesthinclient/auth.go +++ b/service/workspacesthinclient/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/workspacesthinclient/endpoints.go b/service/workspacesthinclient/endpoints.go index a96c5898160..ebfe3063698 100644 --- a/service/workspacesthinclient/endpoints.go +++ b/service/workspacesthinclient/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/workspacesthinclient/options.go b/service/workspacesthinclient/options.go index 48b7ff835ab..4bd216cdaaa 100644 --- a/service/workspacesthinclient/options.go +++ b/service/workspacesthinclient/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/workspacesweb/api_client.go b/service/workspacesweb/api_client.go index 52c076674e2..abc8f8b69c2 100644 --- a/service/workspacesweb/api_client.go +++ b/service/workspacesweb/api_client.go @@ -16,6 +16,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -234,15 +235,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -440,6 +442,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/workspacesweb/auth.go b/service/workspacesweb/auth.go index df1f2dc8284..6ac4793af0e 100644 --- a/service/workspacesweb/auth.go +++ b/service/workspacesweb/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/workspacesweb/endpoints.go b/service/workspacesweb/endpoints.go index 15a220d4afd..f1d2c52d266 100644 --- a/service/workspacesweb/endpoints.go +++ b/service/workspacesweb/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/workspacesweb/options.go b/service/workspacesweb/options.go index 453592286e9..c3f43d6186d 100644 --- a/service/workspacesweb/options.go +++ b/service/workspacesweb/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/xray/api_client.go b/service/xray/api_client.go index 971c8b7e100..9c0e4270b5c 100644 --- a/service/xray/api_client.go +++ b/service/xray/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -229,15 +230,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -428,6 +430,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/xray/auth.go b/service/xray/auth.go index 2535c31d707..4fbe729b742 100644 --- a/service/xray/auth.go +++ b/service/xray/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/xray/endpoints.go b/service/xray/endpoints.go index aed3838d535..5827474915e 100644 --- a/service/xray/endpoints.go +++ b/service/xray/endpoints.go @@ -439,7 +439,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) @@ -469,6 +469,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -478,7 +482,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/xray/options.go b/service/xray/options.go index bcc3ba46c14..45cac243c09 100644 --- a/service/xray/options.go +++ b/service/xray/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string From 4871cc2886779d7761532082b97d744588dc1707 Mon Sep 17 00:00:00 2001 From: Tianyi Wang Date: Mon, 12 Feb 2024 18:33:48 -0500 Subject: [PATCH 16/20] add changelog --- .changelog/783a73b97a9843d991c055e06537c43c.json | 9 +++++++++ 1 file changed, 9 insertions(+) create mode 100644 .changelog/783a73b97a9843d991c055e06537c43c.json diff --git a/.changelog/783a73b97a9843d991c055e06537c43c.json b/.changelog/783a73b97a9843d991c055e06537c43c.json new file mode 100644 index 00000000000..97b3a0641d6 --- /dev/null +++ b/.changelog/783a73b97a9843d991c055e06537c43c.json @@ -0,0 +1,9 @@ +{ + "id": "783a73b9-7a98-43d9-91c0-55e06537c43c", + "type": "feature", + "collapse": true, + "description": "regenerate clients with accoundid endpoint codegen", + "modules": [ + "." + ] +} \ No newline at end of file From 7974ca4ac6370f6c023e2c9f09ce512bd08992ab Mon Sep 17 00:00:00 2001 From: Tianyi Wang Date: Mon, 12 Feb 2024 19:17:32 -0500 Subject: [PATCH 17/20] regenerate cloudwatch client due to model release for request compression --- service/cloudwatch/api_client.go | 33 ++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) diff --git a/service/cloudwatch/api_client.go b/service/cloudwatch/api_client.go index 6d79fd89e7f..3b4149e8e31 100644 --- a/service/cloudwatch/api_client.go +++ b/service/cloudwatch/api_client.go @@ -15,6 +15,7 @@ import ( internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,6 +241,7 @@ func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { AppID: cfg.AppID, DisableRequestCompression: cfg.DisableRequestCompression, RequestMinCompressSizeBytes: cfg.RequestMinCompressSizeBytes, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -430,6 +432,37 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } From eb7effca56841a6d88d5de388143931c63c4bf05 Mon Sep 17 00:00:00 2001 From: Tianyi Wang Date: Tue, 13 Feb 2024 00:45:01 -0500 Subject: [PATCH 18/20] normalize accoundid endpoint routing import --- .../go/codegen/customization/AccountIDEndpointRouting.java | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/AccountIDEndpointRouting.java b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/AccountIDEndpointRouting.java index fd41a29835a..293d50c4a4a 100644 --- a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/AccountIDEndpointRouting.java +++ b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/AccountIDEndpointRouting.java @@ -2,8 +2,12 @@ import software.amazon.smithy.aws.go.codegen.SdkGoTypes; import software.amazon.smithy.codegen.core.SymbolProvider; -import software.amazon.smithy.go.codegen.*; +import software.amazon.smithy.go.codegen.GoDelegator; +import software.amazon.smithy.go.codegen.GoSettings; +import software.amazon.smithy.go.codegen.GoStdlibTypes; +import software.amazon.smithy.go.codegen.GoWriter; import software.amazon.smithy.go.codegen.integration.GoIntegration; +import software.amazon.smithy.go.codegen.SmithyGoTypes; import software.amazon.smithy.model.Model; import software.amazon.smithy.rulesengine.traits.EndpointRuleSetTrait; import software.amazon.smithy.utils.MapUtils; From 5ceabb7c9115e06de25742efe5b167297f8a44b8 Mon Sep 17 00:00:00 2001 From: Tianyi Wang Date: Fri, 14 Jun 2024 17:22:02 -0400 Subject: [PATCH 19/20] merge from main --- .../customization/AwsEndpointBuiltins.java | 31 +++++++++++ ...mithy.go.codegen.integration.GoIntegration | 3 +- .../attributevalue/go_module_metadata.go | 2 +- internal/protocoltest/awsrestjson/auth.go | 4 +- internal/protocoltest/ec2query/auth.go | 4 +- internal/protocoltest/jsonrpc10/auth.go | 4 +- internal/protocoltest/query/auth.go | 4 +- internal/protocoltest/restxml/auth.go | 4 +- .../restxmlwithnamespace/api_client.go | 19 +++---- .../protocoltest/restxmlwithnamespace/auth.go | 4 +- .../smithyrpcv2cbor/api_client.go | 17 ++++--- internal/protocoltest/smithyrpcv2cbor/auth.go | 4 +- .../protocoltest/smithyrpcv2cbor/options.go | 3 ++ service/accessanalyzer/api_client.go | 51 +++++++++++++++---- service/account/api_client.go | 51 +++++++++++++++---- service/acm/api_client.go | 51 +++++++++++++++---- service/acmpca/api_client.go | 51 +++++++++++++++---- service/amp/api_client.go | 51 +++++++++++++++---- service/amplify/api_client.go | 51 +++++++++++++++---- service/amplifybackend/api_client.go | 51 +++++++++++++++---- service/amplifyuibuilder/api_client.go | 51 +++++++++++++++---- service/apigateway/api_client.go | 51 +++++++++++++++---- service/apigatewaymanagementapi/api_client.go | 51 +++++++++++++++---- service/apigatewayv2/api_client.go | 51 +++++++++++++++---- service/appconfig/api_client.go | 51 +++++++++++++++---- service/appconfigdata/api_client.go | 51 +++++++++++++++---- service/appfabric/api_client.go | 51 +++++++++++++++---- service/appflow/api_client.go | 51 +++++++++++++++---- service/appintegrations/api_client.go | 51 +++++++++++++++---- service/applicationautoscaling/api_client.go | 51 +++++++++++++++---- service/applicationcostprofiler/api_client.go | 51 +++++++++++++++---- .../applicationdiscoveryservice/api_client.go | 51 +++++++++++++++---- service/applicationinsights/api_client.go | 51 +++++++++++++++---- service/applicationsignals/api_client.go | 51 +++++++++++++++---- service/applicationsignals/auth.go | 8 +-- service/applicationsignals/endpoints.go | 8 ++- service/applicationsignals/options.go | 3 ++ service/appmesh/api_client.go | 51 +++++++++++++++---- service/apprunner/api_client.go | 51 +++++++++++++++---- service/appstream/api_client.go | 51 +++++++++++++++---- service/appsync/api_client.go | 51 +++++++++++++++---- service/apptest/api_client.go | 51 +++++++++++++++---- service/apptest/auth.go | 8 +-- service/apptest/endpoints.go | 8 ++- service/apptest/options.go | 3 ++ service/arczonalshift/api_client.go | 51 +++++++++++++++---- service/artifact/api_client.go | 51 +++++++++++++++---- service/athena/api_client.go | 51 +++++++++++++++---- service/auditmanager/api_client.go | 51 +++++++++++++++---- service/autoscaling/api_client.go | 51 +++++++++++++++---- service/autoscalingplans/api_client.go | 51 +++++++++++++++---- service/b2bi/api_client.go | 51 +++++++++++++++---- service/backup/api_client.go | 51 +++++++++++++++---- service/backupgateway/api_client.go | 51 +++++++++++++++---- service/batch/api_client.go | 51 +++++++++++++++---- service/bcmdataexports/api_client.go | 51 +++++++++++++++---- service/bedrock/api_client.go | 51 +++++++++++++++---- service/bedrockagent/api_client.go | 51 +++++++++++++++---- service/bedrockagentruntime/api_client.go | 51 +++++++++++++++---- service/bedrockruntime/api_client.go | 51 +++++++++++++++---- service/billingconductor/api_client.go | 51 +++++++++++++++---- service/braket/api_client.go | 51 +++++++++++++++---- service/budgets/api_client.go | 51 +++++++++++++++---- service/chatbot/api_client.go | 51 +++++++++++++++---- service/chatbot/auth.go | 8 +-- service/chatbot/endpoints.go | 8 ++- service/chatbot/options.go | 3 ++ service/chime/api_client.go | 51 +++++++++++++++---- service/chimesdkidentity/api_client.go | 51 +++++++++++++++---- service/chimesdkmediapipelines/api_client.go | 51 +++++++++++++++---- service/chimesdkmeetings/api_client.go | 51 +++++++++++++++---- service/chimesdkmessaging/api_client.go | 51 +++++++++++++++---- service/chimesdkvoice/api_client.go | 51 +++++++++++++++---- service/cleanrooms/api_client.go | 51 +++++++++++++++---- service/cleanroomsml/api_client.go | 51 +++++++++++++++---- service/cloud9/api_client.go | 51 +++++++++++++++---- service/cloudcontrol/api_client.go | 51 +++++++++++++++---- service/clouddirectory/api_client.go | 51 +++++++++++++++---- service/cloudformation/api_client.go | 51 +++++++++++++++---- service/cloudfront/api_client.go | 51 +++++++++++++++---- service/cloudfrontkeyvaluestore/api_client.go | 51 +++++++++++++++---- service/cloudhsm/api_client.go | 51 +++++++++++++++---- service/cloudhsmv2/api_client.go | 51 +++++++++++++++---- service/cloudsearch/api_client.go | 51 +++++++++++++++---- service/cloudsearchdomain/api_client.go | 51 +++++++++++++++---- service/cloudtrail/api_client.go | 51 +++++++++++++++---- service/cloudtraildata/api_client.go | 51 +++++++++++++++---- service/cloudwatch/api_client.go | 33 ++++++++++++ service/cloudwatchevents/api_client.go | 51 +++++++++++++++---- service/cloudwatchlogs/api_client.go | 51 +++++++++++++++---- service/codeartifact/api_client.go | 51 +++++++++++++++---- service/codebuild/api_client.go | 51 +++++++++++++++---- service/codecatalyst/api_client.go | 33 ++++++++++++ service/codecommit/api_client.go | 51 +++++++++++++++---- service/codeconnections/api_client.go | 51 +++++++++++++++---- service/codeconnections/auth.go | 8 +-- service/codeconnections/endpoints.go | 8 ++- service/codeconnections/options.go | 3 ++ service/codedeploy/api_client.go | 51 +++++++++++++++---- service/codeguruprofiler/api_client.go | 51 +++++++++++++++---- service/codegurureviewer/api_client.go | 51 +++++++++++++++---- service/codegurusecurity/api_client.go | 51 +++++++++++++++---- service/codepipeline/api_client.go | 51 +++++++++++++++---- service/codestar/api_client.go | 51 +++++++++++++++---- service/codestarconnections/api_client.go | 51 +++++++++++++++---- service/codestarnotifications/api_client.go | 51 +++++++++++++++---- service/cognitoidentity/api_client.go | 51 +++++++++++++++---- service/cognitoidentityprovider/api_client.go | 51 +++++++++++++++---- service/cognitosync/api_client.go | 51 +++++++++++++++---- service/comprehend/api_client.go | 51 +++++++++++++++---- service/comprehendmedical/api_client.go | 51 +++++++++++++++---- service/computeoptimizer/api_client.go | 51 +++++++++++++++---- service/configservice/api_client.go | 51 +++++++++++++++---- service/connect/api_client.go | 51 +++++++++++++++---- service/connectcampaigns/api_client.go | 51 +++++++++++++++---- service/connectcases/api_client.go | 51 +++++++++++++++---- service/connectcontactlens/api_client.go | 51 +++++++++++++++---- service/connectparticipant/api_client.go | 51 +++++++++++++++---- service/controlcatalog/api_client.go | 51 +++++++++++++++---- service/controltower/api_client.go | 51 +++++++++++++++---- .../costandusagereportservice/api_client.go | 51 +++++++++++++++---- service/costexplorer/api_client.go | 51 +++++++++++++++---- service/costoptimizationhub/api_client.go | 51 +++++++++++++++---- service/customerprofiles/api_client.go | 51 +++++++++++++++---- .../databasemigrationservice/api_client.go | 51 +++++++++++++++---- service/databrew/api_client.go | 51 +++++++++++++++---- service/dataexchange/api_client.go | 51 +++++++++++++++---- service/datapipeline/api_client.go | 51 +++++++++++++++---- service/datasync/api_client.go | 51 +++++++++++++++---- service/datazone/api_client.go | 51 +++++++++++++++---- service/dax/api_client.go | 51 +++++++++++++++---- service/deadline/api_client.go | 51 +++++++++++++++---- service/detective/api_client.go | 51 +++++++++++++++---- service/devicefarm/api_client.go | 51 +++++++++++++++---- service/devopsguru/api_client.go | 51 +++++++++++++++---- service/directconnect/api_client.go | 51 +++++++++++++++---- service/directoryservice/api_client.go | 51 +++++++++++++++---- service/dlm/api_client.go | 51 +++++++++++++++---- service/docdb/api_client.go | 51 +++++++++++++++---- service/docdbelastic/api_client.go | 51 +++++++++++++++---- service/drs/api_client.go | 51 +++++++++++++++---- service/dynamodb/api_client.go | 51 +++++++++++++++---- service/dynamodbstreams/api_client.go | 51 +++++++++++++++---- service/ebs/api_client.go | 51 +++++++++++++++---- service/ec2/api_client.go | 51 +++++++++++++++---- service/ec2instanceconnect/api_client.go | 51 +++++++++++++++---- service/ecr/api_client.go | 51 +++++++++++++++---- service/ecrpublic/api_client.go | 51 +++++++++++++++---- service/ecs/api_client.go | 51 +++++++++++++++---- service/efs/api_client.go | 51 +++++++++++++++---- service/eks/api_client.go | 51 +++++++++++++++---- service/eksauth/api_client.go | 51 +++++++++++++++---- service/elasticache/api_client.go | 51 +++++++++++++++---- service/elasticbeanstalk/api_client.go | 51 +++++++++++++++---- service/elasticinference/api_client.go | 51 +++++++++++++++---- service/elasticloadbalancing/api_client.go | 51 +++++++++++++++---- service/elasticloadbalancingv2/api_client.go | 51 +++++++++++++++---- service/elasticsearchservice/api_client.go | 51 +++++++++++++++---- service/elastictranscoder/api_client.go | 51 +++++++++++++++---- service/emr/api_client.go | 51 +++++++++++++++---- service/emrcontainers/api_client.go | 51 +++++++++++++++---- service/emrserverless/api_client.go | 51 +++++++++++++++---- service/entityresolution/api_client.go | 51 +++++++++++++++---- service/eventbridge/api_client.go | 51 +++++++++++++++---- service/evidently/api_client.go | 51 +++++++++++++++---- service/finspace/api_client.go | 51 +++++++++++++++---- service/finspacedata/api_client.go | 51 +++++++++++++++---- service/firehose/api_client.go | 51 +++++++++++++++---- service/fis/api_client.go | 51 +++++++++++++++---- service/fms/api_client.go | 51 +++++++++++++++---- service/forecast/api_client.go | 51 +++++++++++++++---- service/forecastquery/api_client.go | 51 +++++++++++++++---- service/frauddetector/api_client.go | 51 +++++++++++++++---- service/freetier/api_client.go | 51 +++++++++++++++---- service/fsx/api_client.go | 51 +++++++++++++++---- service/gamelift/api_client.go | 51 +++++++++++++++---- service/glacier/api_client.go | 51 +++++++++++++++---- service/globalaccelerator/api_client.go | 51 +++++++++++++++---- service/glue/api_client.go | 51 +++++++++++++++---- service/grafana/api_client.go | 51 +++++++++++++++---- service/greengrass/api_client.go | 51 +++++++++++++++---- service/greengrassv2/api_client.go | 51 +++++++++++++++---- service/groundstation/api_client.go | 51 +++++++++++++++---- service/guardduty/api_client.go | 51 +++++++++++++++---- service/health/api_client.go | 51 +++++++++++++++---- service/healthlake/api_client.go | 51 +++++++++++++++---- service/iam/api_client.go | 51 +++++++++++++++---- service/identitystore/api_client.go | 51 +++++++++++++++---- service/imagebuilder/api_client.go | 51 +++++++++++++++---- service/inspector/api_client.go | 51 +++++++++++++++---- service/inspector2/api_client.go | 51 +++++++++++++++---- service/inspectorscan/api_client.go | 51 +++++++++++++++---- service/internetmonitor/api_client.go | 51 +++++++++++++++---- service/iot/api_client.go | 51 +++++++++++++++---- service/iot1clickdevicesservice/api_client.go | 51 +++++++++++++++---- service/iot1clickprojects/api_client.go | 51 +++++++++++++++---- service/iotanalytics/api_client.go | 51 +++++++++++++++---- service/iotdataplane/api_client.go | 51 +++++++++++++++---- service/iotdeviceadvisor/api_client.go | 51 +++++++++++++++---- service/iotevents/api_client.go | 51 +++++++++++++++---- service/ioteventsdata/api_client.go | 51 +++++++++++++++---- service/iotfleethub/api_client.go | 51 +++++++++++++++---- service/iotfleetwise/api_client.go | 51 +++++++++++++++---- service/iotjobsdataplane/api_client.go | 51 +++++++++++++++---- service/iotsecuretunneling/api_client.go | 51 +++++++++++++++---- service/iotsitewise/api_client.go | 51 +++++++++++++++---- service/iotthingsgraph/api_client.go | 51 +++++++++++++++---- service/iottwinmaker/api_client.go | 51 +++++++++++++++---- service/iotwireless/api_client.go | 51 +++++++++++++++---- service/ivs/api_client.go | 51 +++++++++++++++---- service/ivschat/api_client.go | 51 +++++++++++++++---- service/ivsrealtime/api_client.go | 51 +++++++++++++++---- service/kafka/api_client.go | 51 +++++++++++++++---- service/kafkaconnect/api_client.go | 51 +++++++++++++++---- service/kendra/api_client.go | 51 +++++++++++++++---- service/kendraranking/api_client.go | 51 +++++++++++++++---- service/keyspaces/api_client.go | 51 +++++++++++++++---- service/kinesis/api_client.go | 51 +++++++++++++++---- service/kinesisanalytics/api_client.go | 51 +++++++++++++++---- service/kinesisanalyticsv2/api_client.go | 51 +++++++++++++++---- service/kinesisvideo/api_client.go | 51 +++++++++++++++---- .../kinesisvideoarchivedmedia/api_client.go | 51 +++++++++++++++---- service/kinesisvideomedia/api_client.go | 51 +++++++++++++++---- service/kinesisvideosignaling/api_client.go | 51 +++++++++++++++---- .../kinesisvideowebrtcstorage/api_client.go | 51 +++++++++++++++---- service/kms/api_client.go | 51 +++++++++++++++---- service/lakeformation/api_client.go | 51 +++++++++++++++---- service/lambda/api_client.go | 51 +++++++++++++++---- service/launchwizard/api_client.go | 51 +++++++++++++++---- service/lexmodelbuildingservice/api_client.go | 51 +++++++++++++++---- service/lexmodelsv2/api_client.go | 51 +++++++++++++++---- service/lexruntimeservice/api_client.go | 51 +++++++++++++++---- service/lexruntimev2/api_client.go | 51 +++++++++++++++---- service/licensemanager/api_client.go | 51 +++++++++++++++---- .../api_client.go | 51 +++++++++++++++---- .../api_client.go | 51 +++++++++++++++---- service/lightsail/api_client.go | 51 +++++++++++++++---- service/location/api_client.go | 51 +++++++++++++++---- service/lookoutequipment/api_client.go | 51 +++++++++++++++---- service/lookoutmetrics/api_client.go | 51 +++++++++++++++---- service/lookoutvision/api_client.go | 51 +++++++++++++++---- service/m2/api_client.go | 51 +++++++++++++++---- service/machinelearning/api_client.go | 51 +++++++++++++++---- service/macie2/api_client.go | 51 +++++++++++++++---- service/mailmanager/api_client.go | 51 +++++++++++++++---- service/mailmanager/auth.go | 8 +-- service/mailmanager/endpoints.go | 8 ++- service/mailmanager/options.go | 3 ++ service/managedblockchain/api_client.go | 51 +++++++++++++++---- service/managedblockchainquery/api_client.go | 51 +++++++++++++++---- service/marketplaceagreement/api_client.go | 51 +++++++++++++++---- service/marketplacecatalog/api_client.go | 51 +++++++++++++++---- .../api_client.go | 51 +++++++++++++++---- service/marketplacedeployment/api_client.go | 51 +++++++++++++++---- .../api_client.go | 51 +++++++++++++++---- service/marketplacemetering/api_client.go | 51 +++++++++++++++---- service/mediaconnect/api_client.go | 51 +++++++++++++++---- service/mediaconvert/api_client.go | 51 +++++++++++++++---- service/medialive/api_client.go | 51 +++++++++++++++---- service/mediapackage/api_client.go | 51 +++++++++++++++---- service/mediapackagev2/api_client.go | 51 +++++++++++++++---- service/mediapackagevod/api_client.go | 51 +++++++++++++++---- service/mediastore/api_client.go | 51 +++++++++++++++---- service/mediastoredata/api_client.go | 51 +++++++++++++++---- service/mediatailor/api_client.go | 51 +++++++++++++++---- service/medicalimaging/api_client.go | 51 +++++++++++++++---- service/memorydb/api_client.go | 51 +++++++++++++++---- service/mgn/api_client.go | 51 +++++++++++++++---- service/migrationhub/api_client.go | 51 +++++++++++++++---- service/migrationhubconfig/api_client.go | 51 +++++++++++++++---- .../migrationhuborchestrator/api_client.go | 51 +++++++++++++++---- .../migrationhubrefactorspaces/api_client.go | 51 +++++++++++++++---- service/migrationhubstrategy/api_client.go | 51 +++++++++++++++---- service/mobile/api_client.go | 51 +++++++++++++++---- service/mq/api_client.go | 51 +++++++++++++++---- service/mturk/api_client.go | 51 +++++++++++++++---- service/mwaa/api_client.go | 51 +++++++++++++++---- service/neptune/api_client.go | 51 +++++++++++++++---- service/neptunedata/api_client.go | 51 +++++++++++++++---- service/neptunegraph/api_client.go | 51 +++++++++++++++---- service/networkfirewall/api_client.go | 51 +++++++++++++++---- service/networkmanager/api_client.go | 51 +++++++++++++++---- service/networkmonitor/api_client.go | 51 +++++++++++++++---- service/nimble/api_client.go | 51 +++++++++++++++---- service/oam/api_client.go | 51 +++++++++++++++---- service/omics/api_client.go | 51 +++++++++++++++---- service/opensearch/api_client.go | 51 +++++++++++++++---- service/opensearchserverless/api_client.go | 51 +++++++++++++++---- service/opsworks/api_client.go | 51 +++++++++++++++---- service/opsworkscm/api_client.go | 51 +++++++++++++++---- service/organizations/api_client.go | 51 +++++++++++++++---- service/osis/api_client.go | 51 +++++++++++++++---- service/outposts/api_client.go | 51 +++++++++++++++---- service/panorama/api_client.go | 51 +++++++++++++++---- service/paymentcryptography/api_client.go | 51 +++++++++++++++---- service/paymentcryptographydata/api_client.go | 51 +++++++++++++++---- service/pcaconnectorad/api_client.go | 51 +++++++++++++++---- service/pcaconnectorscep/api_client.go | 51 +++++++++++++++---- service/personalize/api_client.go | 51 +++++++++++++++---- service/personalizeevents/api_client.go | 51 +++++++++++++++---- service/personalizeruntime/api_client.go | 51 +++++++++++++++---- service/pi/api_client.go | 51 +++++++++++++++---- service/pinpoint/api_client.go | 51 +++++++++++++++---- service/pinpointemail/api_client.go | 51 +++++++++++++++---- service/pinpointsmsvoice/api_client.go | 51 +++++++++++++++---- service/pinpointsmsvoicev2/api_client.go | 51 +++++++++++++++---- service/pipes/api_client.go | 51 +++++++++++++++---- service/polly/api_client.go | 51 +++++++++++++++---- service/pricing/api_client.go | 51 +++++++++++++++---- service/privatenetworks/api_client.go | 51 +++++++++++++++---- service/proton/api_client.go | 51 +++++++++++++++---- service/qbusiness/api_client.go | 51 +++++++++++++++---- service/qconnect/api_client.go | 51 +++++++++++++++---- service/qldb/api_client.go | 51 +++++++++++++++---- service/qldbsession/api_client.go | 51 +++++++++++++++---- service/quicksight/api_client.go | 51 +++++++++++++++---- service/ram/api_client.go | 51 +++++++++++++++---- service/rbin/api_client.go | 51 +++++++++++++++---- service/rds/api_client.go | 51 +++++++++++++++---- service/rdsdata/api_client.go | 51 +++++++++++++++---- service/redshift/api_client.go | 51 +++++++++++++++---- service/redshiftdata/api_client.go | 51 +++++++++++++++---- service/redshiftserverless/api_client.go | 51 +++++++++++++++---- service/rekognition/api_client.go | 51 +++++++++++++++---- service/repostspace/api_client.go | 51 +++++++++++++++---- service/resiliencehub/api_client.go | 51 +++++++++++++++---- service/resourceexplorer2/api_client.go | 51 +++++++++++++++---- service/resourcegroups/api_client.go | 51 +++++++++++++++---- .../resourcegroupstaggingapi/api_client.go | 51 +++++++++++++++---- service/robomaker/api_client.go | 51 +++++++++++++++---- service/rolesanywhere/api_client.go | 51 +++++++++++++++---- service/route53/api_client.go | 51 +++++++++++++++---- service/route53domains/api_client.go | 51 +++++++++++++++---- service/route53profiles/api_client.go | 51 +++++++++++++++---- service/route53profiles/auth.go | 8 +-- service/route53profiles/endpoints.go | 8 ++- service/route53profiles/options.go | 3 ++ service/route53recoverycluster/api_client.go | 51 +++++++++++++++---- .../api_client.go | 51 +++++++++++++++---- .../route53recoveryreadiness/api_client.go | 51 +++++++++++++++---- service/route53resolver/api_client.go | 51 +++++++++++++++---- service/rum/api_client.go | 51 +++++++++++++++---- service/s3/api_client.go | 51 +++++++++++++++---- service/s3control/api_client.go | 51 +++++++++++++++---- service/s3outposts/api_client.go | 51 +++++++++++++++---- service/sagemaker/api_client.go | 51 +++++++++++++++---- service/sagemakera2iruntime/api_client.go | 51 +++++++++++++++---- service/sagemakeredge/api_client.go | 51 +++++++++++++++---- .../api_client.go | 51 +++++++++++++++---- service/sagemakergeospatial/api_client.go | 51 +++++++++++++++---- service/sagemakermetrics/api_client.go | 51 +++++++++++++++---- service/sagemakerruntime/api_client.go | 51 +++++++++++++++---- service/savingsplans/api_client.go | 51 +++++++++++++++---- service/scheduler/api_client.go | 51 +++++++++++++++---- service/schemas/api_client.go | 51 +++++++++++++++---- service/secretsmanager/api_client.go | 51 +++++++++++++++---- service/securityhub/api_client.go | 51 +++++++++++++++---- service/securitylake/api_client.go | 51 +++++++++++++++---- .../api_client.go | 51 +++++++++++++++---- service/servicecatalog/api_client.go | 51 +++++++++++++++---- .../servicecatalogappregistry/api_client.go | 51 +++++++++++++++---- service/servicediscovery/api_client.go | 51 +++++++++++++++---- service/servicequotas/api_client.go | 51 +++++++++++++++---- service/ses/api_client.go | 51 +++++++++++++++---- service/sesv2/api_client.go | 51 +++++++++++++++---- service/sfn/api_client.go | 51 +++++++++++++++---- service/shield/api_client.go | 51 +++++++++++++++---- service/signer/api_client.go | 51 +++++++++++++++---- service/simspaceweaver/api_client.go | 51 +++++++++++++++---- service/sms/api_client.go | 51 +++++++++++++++---- service/snowball/api_client.go | 51 +++++++++++++++---- service/snowdevicemanagement/api_client.go | 51 +++++++++++++++---- service/sns/api_client.go | 51 +++++++++++++++---- service/sqs/api_client.go | 51 +++++++++++++++---- service/ssm/api_client.go | 51 +++++++++++++++---- service/ssmcontacts/api_client.go | 51 +++++++++++++++---- service/ssmincidents/api_client.go | 51 +++++++++++++++---- service/ssmsap/api_client.go | 51 +++++++++++++++---- service/sso/api_client.go | 51 +++++++++++++++---- service/ssoadmin/api_client.go | 51 +++++++++++++++---- service/ssooidc/api_client.go | 51 +++++++++++++++---- service/storagegateway/api_client.go | 51 +++++++++++++++---- service/sts/api_client.go | 51 +++++++++++++++---- service/supplychain/api_client.go | 51 +++++++++++++++---- service/support/api_client.go | 51 +++++++++++++++---- service/supportapp/api_client.go | 51 +++++++++++++++---- service/swf/api_client.go | 51 +++++++++++++++---- service/synthetics/api_client.go | 51 +++++++++++++++---- service/taxsettings/api_client.go | 51 +++++++++++++++---- service/taxsettings/auth.go | 8 +-- service/taxsettings/endpoints.go | 8 ++- service/taxsettings/options.go | 3 ++ service/textract/api_client.go | 51 +++++++++++++++---- service/timestreaminfluxdb/api_client.go | 51 +++++++++++++++---- service/timestreaminfluxdb/auth.go | 8 +-- service/timestreaminfluxdb/endpoints.go | 8 ++- service/timestreaminfluxdb/options.go | 3 ++ service/timestreamquery/api_client.go | 51 +++++++++++++++---- service/timestreamwrite/api_client.go | 51 +++++++++++++++---- service/tnb/api_client.go | 51 +++++++++++++++---- service/transcribe/api_client.go | 51 +++++++++++++++---- service/transcribestreaming/api_client.go | 51 +++++++++++++++---- service/transfer/api_client.go | 51 +++++++++++++++---- service/translate/api_client.go | 51 +++++++++++++++---- service/trustedadvisor/api_client.go | 51 +++++++++++++++---- service/verifiedpermissions/api_client.go | 51 +++++++++++++++---- service/voiceid/api_client.go | 51 +++++++++++++++---- service/vpclattice/api_client.go | 51 +++++++++++++++---- service/waf/api_client.go | 51 +++++++++++++++---- service/wafregional/api_client.go | 51 +++++++++++++++---- service/wafv2/api_client.go | 51 +++++++++++++++---- service/wellarchitected/api_client.go | 51 +++++++++++++++---- service/wisdom/api_client.go | 51 +++++++++++++++---- service/workdocs/api_client.go | 51 +++++++++++++++---- service/worklink/api_client.go | 51 +++++++++++++++---- service/workmail/api_client.go | 51 +++++++++++++++---- service/workmailmessageflow/api_client.go | 51 +++++++++++++++---- service/workspaces/api_client.go | 51 +++++++++++++++---- service/workspacesthinclient/api_client.go | 51 +++++++++++++++---- service/workspacesweb/api_client.go | 51 +++++++++++++++---- service/xray/api_client.go | 51 +++++++++++++++---- 421 files changed, 16284 insertions(+), 3519 deletions(-) diff --git a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/AwsEndpointBuiltins.java b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/AwsEndpointBuiltins.java index f89be4a6e09..d75a91496f6 100644 --- a/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/AwsEndpointBuiltins.java +++ b/codegen/smithy-aws-go-codegen/src/main/java/software/amazon/smithy/aws/go/codegen/customization/AwsEndpointBuiltins.java @@ -5,10 +5,13 @@ import software.amazon.smithy.go.codegen.GoDelegator; import software.amazon.smithy.go.codegen.GoSettings; import software.amazon.smithy.go.codegen.GoWriter; +import software.amazon.smithy.go.codegen.SmithyGoTypes; import software.amazon.smithy.go.codegen.integration.GoIntegration; import software.amazon.smithy.go.codegen.integration.RuntimeClientPlugin; import software.amazon.smithy.model.Model; +import software.amazon.smithy.rulesengine.traits.EndpointRuleSetTrait; import software.amazon.smithy.utils.ListUtils; +import software.amazon.smithy.utils.MapUtils; import java.util.List; @@ -36,6 +39,8 @@ public class AwsEndpointBuiltins implements GoIntegration { goTemplate("$T(options.UseARNRegion)", SdkGoTypes.Aws.Bool); private static final GoWriter.Writable BindAwsS3DisableMultiRegionAccessPoints = goTemplate("$T(options.DisableMultiRegionAccessPoints)", SdkGoTypes.Aws.Bool); + private static final GoWriter.Writable BindAccountID = + goTemplate("resolveAccountID(getIdentity(ctx), options.AccountIDEndpointMode)"); @Override public List getClientPlugins() { @@ -49,12 +54,38 @@ public List getClientPlugins() { .addEndpointBuiltinBinding("AWS::S3::UseArnRegion", BindAwsS3UseArnRegion) .addEndpointBuiltinBinding("AWS::S3::DisableMultiRegionAccessPoints", BindAwsS3DisableMultiRegionAccessPoints) .addEndpointBuiltinBinding("AWS::S3Control::UseArnRegion", BindAwsS3UseArnRegion) + .addEndpointBuiltinBinding("AWS::Auth::AccountId", BindAccountID) .build()); } @Override public void writeAdditionalFiles(GoSettings settings, Model model, SymbolProvider symbolProvider, GoDelegator goDelegator) { goDelegator.useFileWriter("endpoints.go", settings.getModuleName(), builtinBindingSource()); + if (!settings.getService(model).hasTrait(EndpointRuleSetTrait.class)) { + return; + } + goDelegator.useShapeWriter(settings.getService(model), goTemplate(""" + func resolveAccountID(identity $auth:T, mode $accountIDEndpointMode:T) *string { + if mode == $aidModeDisabled:T { + return nil + } + + if ca, ok := identity.(*$credentialsAdapter:T); ok && ca.Credentials.AccountID != "" { + return $string:T(ca.Credentials.AccountID) + } + + return nil + } + """, + MapUtils.of( + "auth", SmithyGoTypes.Auth.Identity, + "accountIDEndpointMode", SdkGoTypes.Aws.AccountIDEndpointMode, + "aidModeUnset", SdkGoTypes.Aws.AccountIDEndpointModeUnset, + "aidModeDisabled", SdkGoTypes.Aws.AccountIDEndpointModeDisabled, + "credentialsAdapter", SdkGoTypes.Internal.Auth.Smithy.CredentialsAdapter, + "string", SdkGoTypes.Aws.String + ) + )); } private GoWriter.Writable builtinBindingSource() { diff --git a/codegen/smithy-aws-go-codegen/src/main/resources/META-INF/services/software.amazon.smithy.go.codegen.integration.GoIntegration b/codegen/smithy-aws-go-codegen/src/main/resources/META-INF/services/software.amazon.smithy.go.codegen.integration.GoIntegration index 7bd44a0a6a8..69f7100d3c4 100644 --- a/codegen/smithy-aws-go-codegen/src/main/resources/META-INF/services/software.amazon.smithy.go.codegen.integration.GoIntegration +++ b/codegen/smithy-aws-go-codegen/src/main/resources/META-INF/services/software.amazon.smithy.go.codegen.integration.GoIntegration @@ -76,4 +76,5 @@ software.amazon.smithy.aws.go.codegen.customization.CloudFrontKVSSigV4a software.amazon.smithy.aws.go.codegen.customization.BackfillProtocolTestServiceTrait software.amazon.smithy.go.codegen.integration.MiddlewareStackSnapshotTests software.amazon.smithy.aws.go.codegen.customization.s3.S3ExpiresShapeCustomization -software.amazon.smithy.aws.go.codegen.ClockSkewGenerator \ No newline at end of file +software.amazon.smithy.aws.go.codegen.ClockSkewGenerator +software.amazon.smithy.aws.go.codegen.customization.AccountIDEndpointRouting diff --git a/feature/dynamodbstreams/attributevalue/go_module_metadata.go b/feature/dynamodbstreams/attributevalue/go_module_metadata.go index 33187410976..1bbf61e8f4e 100644 --- a/feature/dynamodbstreams/attributevalue/go_module_metadata.go +++ b/feature/dynamodbstreams/attributevalue/go_module_metadata.go @@ -3,4 +3,4 @@ package attributevalue // goModuleVersion is the tagged release for this module -const goModuleVersion = "1.13.29" +const goModuleVersion = "1.14.1" diff --git a/internal/protocoltest/awsrestjson/auth.go b/internal/protocoltest/awsrestjson/auth.go index c87e13b2200..e2f45bb66d8 100644 --- a/internal/protocoltest/awsrestjson/auth.go +++ b/internal/protocoltest/awsrestjson/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -95,7 +95,7 @@ func bindAuthResolverParams(ctx context.Context, operation string, input interfa Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } diff --git a/internal/protocoltest/ec2query/auth.go b/internal/protocoltest/ec2query/auth.go index d9e58b939d6..ebe8a882a16 100644 --- a/internal/protocoltest/ec2query/auth.go +++ b/internal/protocoltest/ec2query/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -95,7 +95,7 @@ func bindAuthResolverParams(ctx context.Context, operation string, input interfa Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } diff --git a/internal/protocoltest/jsonrpc10/auth.go b/internal/protocoltest/jsonrpc10/auth.go index f97468c7f7e..db2f03b5a8a 100644 --- a/internal/protocoltest/jsonrpc10/auth.go +++ b/internal/protocoltest/jsonrpc10/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -95,7 +95,7 @@ func bindAuthResolverParams(ctx context.Context, operation string, input interfa Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } diff --git a/internal/protocoltest/query/auth.go b/internal/protocoltest/query/auth.go index 0960dbdefe9..dfdded03631 100644 --- a/internal/protocoltest/query/auth.go +++ b/internal/protocoltest/query/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -95,7 +95,7 @@ func bindAuthResolverParams(ctx context.Context, operation string, input interfa Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } diff --git a/internal/protocoltest/restxml/auth.go b/internal/protocoltest/restxml/auth.go index 325ea7224b5..be7f9d5de56 100644 --- a/internal/protocoltest/restxml/auth.go +++ b/internal/protocoltest/restxml/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -95,7 +95,7 @@ func bindAuthResolverParams(ctx context.Context, operation string, input interfa Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } diff --git a/internal/protocoltest/restxmlwithnamespace/api_client.go b/internal/protocoltest/restxmlwithnamespace/api_client.go index 48b6e7e0c55..57d2c127ee7 100644 --- a/internal/protocoltest/restxmlwithnamespace/api_client.go +++ b/internal/protocoltest/restxmlwithnamespace/api_client.go @@ -237,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/internal/protocoltest/restxmlwithnamespace/auth.go b/internal/protocoltest/restxmlwithnamespace/auth.go index fba06b674ae..9ab63cd3072 100644 --- a/internal/protocoltest/restxmlwithnamespace/auth.go +++ b/internal/protocoltest/restxmlwithnamespace/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -95,7 +95,7 @@ func bindAuthResolverParams(ctx context.Context, operation string, input interfa Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } diff --git a/internal/protocoltest/smithyrpcv2cbor/api_client.go b/internal/protocoltest/smithyrpcv2cbor/api_client.go index 8c6c1741dfb..13e76adf7bf 100644 --- a/internal/protocoltest/smithyrpcv2cbor/api_client.go +++ b/internal/protocoltest/smithyrpcv2cbor/api_client.go @@ -223,14 +223,15 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) diff --git a/internal/protocoltest/smithyrpcv2cbor/auth.go b/internal/protocoltest/smithyrpcv2cbor/auth.go index d27d14e9bae..0d99577d05e 100644 --- a/internal/protocoltest/smithyrpcv2cbor/auth.go +++ b/internal/protocoltest/smithyrpcv2cbor/auth.go @@ -83,7 +83,7 @@ type AuthResolverParameters struct { Operation string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } @@ -128,7 +128,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/internal/protocoltest/smithyrpcv2cbor/options.go b/internal/protocoltest/smithyrpcv2cbor/options.go index f01eca98eaa..3363ac6a4dc 100644 --- a/internal/protocoltest/smithyrpcv2cbor/options.go +++ b/internal/protocoltest/smithyrpcv2cbor/options.go @@ -21,6 +21,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/accessanalyzer/api_client.go b/service/accessanalyzer/api_client.go index 23561a26e3b..a4f771d94a8 100644 --- a/service/accessanalyzer/api_client.go +++ b/service/accessanalyzer/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/account/api_client.go b/service/account/api_client.go index 7153187c09a..b3e3e44e5f0 100644 --- a/service/account/api_client.go +++ b/service/account/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/acm/api_client.go b/service/acm/api_client.go index eb1270d608a..4a32cdfd870 100644 --- a/service/acm/api_client.go +++ b/service/acm/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/acmpca/api_client.go b/service/acmpca/api_client.go index 9abbad00bfb..0e6010b512d 100644 --- a/service/acmpca/api_client.go +++ b/service/acmpca/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/amp/api_client.go b/service/amp/api_client.go index dad8d28754b..32ae36e4f25 100644 --- a/service/amp/api_client.go +++ b/service/amp/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/amplify/api_client.go b/service/amplify/api_client.go index 06261d6cd7e..973c4c5da25 100644 --- a/service/amplify/api_client.go +++ b/service/amplify/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/amplifybackend/api_client.go b/service/amplifybackend/api_client.go index 53f50eeb94c..63524e53b04 100644 --- a/service/amplifybackend/api_client.go +++ b/service/amplifybackend/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/amplifyuibuilder/api_client.go b/service/amplifyuibuilder/api_client.go index 7101cfb46fe..c3447764474 100644 --- a/service/amplifyuibuilder/api_client.go +++ b/service/amplifyuibuilder/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/apigateway/api_client.go b/service/apigateway/api_client.go index 77cf04c6500..1595b3465c3 100644 --- a/service/apigateway/api_client.go +++ b/service/apigateway/api_client.go @@ -17,6 +17,7 @@ import ( internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" agcust "github.com/aws/aws-sdk-go-v2/service/apigateway/internal/customizations" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/apigatewaymanagementapi/api_client.go b/service/apigatewaymanagementapi/api_client.go index 768510a781e..fa4d55ec78c 100644 --- a/service/apigatewaymanagementapi/api_client.go +++ b/service/apigatewaymanagementapi/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/apigatewayv2/api_client.go b/service/apigatewayv2/api_client.go index 27d85ace8e0..7bb5f4fb541 100644 --- a/service/apigatewayv2/api_client.go +++ b/service/apigatewayv2/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/appconfig/api_client.go b/service/appconfig/api_client.go index f4f2e867d4a..6238d5cd10f 100644 --- a/service/appconfig/api_client.go +++ b/service/appconfig/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/appconfigdata/api_client.go b/service/appconfigdata/api_client.go index ba2b07e4b7a..a798ca4d135 100644 --- a/service/appconfigdata/api_client.go +++ b/service/appconfigdata/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/appfabric/api_client.go b/service/appfabric/api_client.go index 017f33e04af..aacc896ee20 100644 --- a/service/appfabric/api_client.go +++ b/service/appfabric/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/appflow/api_client.go b/service/appflow/api_client.go index de7934616c5..9b29d4b14df 100644 --- a/service/appflow/api_client.go +++ b/service/appflow/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/appintegrations/api_client.go b/service/appintegrations/api_client.go index 0b62fcc097b..59bceb395ab 100644 --- a/service/appintegrations/api_client.go +++ b/service/appintegrations/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/applicationautoscaling/api_client.go b/service/applicationautoscaling/api_client.go index cf736a33de5..b15831aebfb 100644 --- a/service/applicationautoscaling/api_client.go +++ b/service/applicationautoscaling/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/applicationcostprofiler/api_client.go b/service/applicationcostprofiler/api_client.go index 2f7abcca21b..7a16c3162c8 100644 --- a/service/applicationcostprofiler/api_client.go +++ b/service/applicationcostprofiler/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/applicationdiscoveryservice/api_client.go b/service/applicationdiscoveryservice/api_client.go index 36537a4c89d..c91c8542482 100644 --- a/service/applicationdiscoveryservice/api_client.go +++ b/service/applicationdiscoveryservice/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/applicationinsights/api_client.go b/service/applicationinsights/api_client.go index 43b5f340d6b..4594f5165ca 100644 --- a/service/applicationinsights/api_client.go +++ b/service/applicationinsights/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/applicationsignals/api_client.go b/service/applicationsignals/api_client.go index 7b435ccfcd8..cd335d1f939 100644 --- a/service/applicationsignals/api_client.go +++ b/service/applicationsignals/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/applicationsignals/auth.go b/service/applicationsignals/auth.go index fcda371a15c..79e96eb3e5e 100644 --- a/service/applicationsignals/auth.go +++ b/service/applicationsignals/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/applicationsignals/endpoints.go b/service/applicationsignals/endpoints.go index f2bbe7c721b..7d0379d9479 100644 --- a/service/applicationsignals/endpoints.go +++ b/service/applicationsignals/endpoints.go @@ -372,7 +372,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.UseFIPS = aws.Bool(options.EndpointOptions.UseFIPSEndpoint == aws.FIPSEndpointStateEnabled) @@ -401,6 +401,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -410,7 +414,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/applicationsignals/options.go b/service/applicationsignals/options.go index 8919d416b69..23281a83422 100644 --- a/service/applicationsignals/options.go +++ b/service/applicationsignals/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/appmesh/api_client.go b/service/appmesh/api_client.go index 8428374e917..aacdac84154 100644 --- a/service/appmesh/api_client.go +++ b/service/appmesh/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/apprunner/api_client.go b/service/apprunner/api_client.go index a79e126276c..fd879e3c6a4 100644 --- a/service/apprunner/api_client.go +++ b/service/apprunner/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/appstream/api_client.go b/service/appstream/api_client.go index 4d7a099f50c..ecd45784b84 100644 --- a/service/appstream/api_client.go +++ b/service/appstream/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/appsync/api_client.go b/service/appsync/api_client.go index 9952ee1c0d0..1115c3b78c6 100644 --- a/service/appsync/api_client.go +++ b/service/appsync/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/apptest/api_client.go b/service/apptest/api_client.go index 03b8ecea322..120e98ce3cd 100644 --- a/service/apptest/api_client.go +++ b/service/apptest/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/apptest/auth.go b/service/apptest/auth.go index 9e7094f74e7..9952feb2864 100644 --- a/service/apptest/auth.go +++ b/service/apptest/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/apptest/endpoints.go b/service/apptest/endpoints.go index bc236331bf1..1cd636120b0 100644 --- a/service/apptest/endpoints.go +++ b/service/apptest/endpoints.go @@ -446,7 +446,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = bindRegion(options.Region) @@ -476,6 +476,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -485,7 +489,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/apptest/options.go b/service/apptest/options.go index 2aba17af224..1be8d98969c 100644 --- a/service/apptest/options.go +++ b/service/apptest/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/arczonalshift/api_client.go b/service/arczonalshift/api_client.go index 19bbc311a59..5e8f9b18737 100644 --- a/service/arczonalshift/api_client.go +++ b/service/arczonalshift/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/artifact/api_client.go b/service/artifact/api_client.go index 18c23263800..7a282569b99 100644 --- a/service/artifact/api_client.go +++ b/service/artifact/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/athena/api_client.go b/service/athena/api_client.go index 71444caa6c0..727f20e4e02 100644 --- a/service/athena/api_client.go +++ b/service/athena/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/auditmanager/api_client.go b/service/auditmanager/api_client.go index b2ba97ec202..ac0676437e7 100644 --- a/service/auditmanager/api_client.go +++ b/service/auditmanager/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/autoscaling/api_client.go b/service/autoscaling/api_client.go index 64f57e9c645..4f467e4776c 100644 --- a/service/autoscaling/api_client.go +++ b/service/autoscaling/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/autoscalingplans/api_client.go b/service/autoscalingplans/api_client.go index 4fa16708b1a..becfb474570 100644 --- a/service/autoscalingplans/api_client.go +++ b/service/autoscalingplans/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/b2bi/api_client.go b/service/b2bi/api_client.go index 413e3225203..de377184efb 100644 --- a/service/b2bi/api_client.go +++ b/service/b2bi/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/backup/api_client.go b/service/backup/api_client.go index a26a687666a..7420a353c41 100644 --- a/service/backup/api_client.go +++ b/service/backup/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/backupgateway/api_client.go b/service/backupgateway/api_client.go index fdb0234ea3b..866a89b51d5 100644 --- a/service/backupgateway/api_client.go +++ b/service/backupgateway/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/batch/api_client.go b/service/batch/api_client.go index 843c35b5095..3a55073eeba 100644 --- a/service/batch/api_client.go +++ b/service/batch/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/bcmdataexports/api_client.go b/service/bcmdataexports/api_client.go index 51589906c2b..c1b0a438464 100644 --- a/service/bcmdataexports/api_client.go +++ b/service/bcmdataexports/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/bedrock/api_client.go b/service/bedrock/api_client.go index d38a970d9ad..9b61f5c766e 100644 --- a/service/bedrock/api_client.go +++ b/service/bedrock/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/bedrockagent/api_client.go b/service/bedrockagent/api_client.go index 4c49aa642dc..8ddc6d92d9a 100644 --- a/service/bedrockagent/api_client.go +++ b/service/bedrockagent/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/bedrockagentruntime/api_client.go b/service/bedrockagentruntime/api_client.go index d108219a057..c6e0c890325 100644 --- a/service/bedrockagentruntime/api_client.go +++ b/service/bedrockagentruntime/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -239,15 +240,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -494,6 +496,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -505,6 +519,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/bedrockruntime/api_client.go b/service/bedrockruntime/api_client.go index ecfd454c472..fb701b8f017 100644 --- a/service/bedrockruntime/api_client.go +++ b/service/bedrockruntime/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -239,15 +240,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -494,6 +496,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -505,6 +519,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/billingconductor/api_client.go b/service/billingconductor/api_client.go index f935039a3db..de3437cb416 100644 --- a/service/billingconductor/api_client.go +++ b/service/billingconductor/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/braket/api_client.go b/service/braket/api_client.go index efea93c2899..532f8a8cd6b 100644 --- a/service/braket/api_client.go +++ b/service/braket/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/budgets/api_client.go b/service/budgets/api_client.go index d4343b0206c..e7415f5e09d 100644 --- a/service/budgets/api_client.go +++ b/service/budgets/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/chatbot/api_client.go b/service/chatbot/api_client.go index a397f1daf29..e4e3b44a45c 100644 --- a/service/chatbot/api_client.go +++ b/service/chatbot/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/chatbot/auth.go b/service/chatbot/auth.go index 792d28e62a3..939bfa74aaf 100644 --- a/service/chatbot/auth.go +++ b/service/chatbot/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/chatbot/endpoints.go b/service/chatbot/endpoints.go index bc49e84ff49..d9d9417e8a5 100644 --- a/service/chatbot/endpoints.go +++ b/service/chatbot/endpoints.go @@ -446,7 +446,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = bindRegion(options.Region) @@ -476,6 +476,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -485,7 +489,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/chatbot/options.go b/service/chatbot/options.go index 1f00d062c30..550ddf5271a 100644 --- a/service/chatbot/options.go +++ b/service/chatbot/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/chime/api_client.go b/service/chime/api_client.go index 39632657174..8b127fef03d 100644 --- a/service/chime/api_client.go +++ b/service/chime/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/chimesdkidentity/api_client.go b/service/chimesdkidentity/api_client.go index ae7870f57ba..7dd09e02fe7 100644 --- a/service/chimesdkidentity/api_client.go +++ b/service/chimesdkidentity/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/chimesdkmediapipelines/api_client.go b/service/chimesdkmediapipelines/api_client.go index 9c2a21842a3..4c8b23af1c3 100644 --- a/service/chimesdkmediapipelines/api_client.go +++ b/service/chimesdkmediapipelines/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/chimesdkmeetings/api_client.go b/service/chimesdkmeetings/api_client.go index 82c104e805d..37219d7529a 100644 --- a/service/chimesdkmeetings/api_client.go +++ b/service/chimesdkmeetings/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/chimesdkmessaging/api_client.go b/service/chimesdkmessaging/api_client.go index c170ab021fc..62f328f38e9 100644 --- a/service/chimesdkmessaging/api_client.go +++ b/service/chimesdkmessaging/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/chimesdkvoice/api_client.go b/service/chimesdkvoice/api_client.go index 72546f44c14..19c35adec47 100644 --- a/service/chimesdkvoice/api_client.go +++ b/service/chimesdkvoice/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/cleanrooms/api_client.go b/service/cleanrooms/api_client.go index ab75790825d..b9f414da6b3 100644 --- a/service/cleanrooms/api_client.go +++ b/service/cleanrooms/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/cleanroomsml/api_client.go b/service/cleanroomsml/api_client.go index a1845a521a1..18b53b456a0 100644 --- a/service/cleanroomsml/api_client.go +++ b/service/cleanroomsml/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/cloud9/api_client.go b/service/cloud9/api_client.go index e031f0f6ada..3e0d464cc2a 100644 --- a/service/cloud9/api_client.go +++ b/service/cloud9/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/cloudcontrol/api_client.go b/service/cloudcontrol/api_client.go index 9920b437e56..5ed287aac24 100644 --- a/service/cloudcontrol/api_client.go +++ b/service/cloudcontrol/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/clouddirectory/api_client.go b/service/clouddirectory/api_client.go index bd221557f56..0ba50408e34 100644 --- a/service/clouddirectory/api_client.go +++ b/service/clouddirectory/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/cloudformation/api_client.go b/service/cloudformation/api_client.go index 964158c535d..4bfa79f5010 100644 --- a/service/cloudformation/api_client.go +++ b/service/cloudformation/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/cloudfront/api_client.go b/service/cloudfront/api_client.go index 162cec84941..d4432e93917 100644 --- a/service/cloudfront/api_client.go +++ b/service/cloudfront/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/cloudfrontkeyvaluestore/api_client.go b/service/cloudfrontkeyvaluestore/api_client.go index 2d3e2eba558..61016e62be4 100644 --- a/service/cloudfrontkeyvaluestore/api_client.go +++ b/service/cloudfrontkeyvaluestore/api_client.go @@ -17,6 +17,7 @@ import ( internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" "github.com/aws/aws-sdk-go-v2/internal/v4a" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -245,15 +246,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -500,6 +502,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + type httpSignerV4a interface { SignHTTP(ctx context.Context, credentials v4a.Credentials, r *http.Request, payloadHash, service string, regionSet []string, signingTime time.Time, @@ -531,6 +545,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/cloudhsm/api_client.go b/service/cloudhsm/api_client.go index 810878c2790..9f6b793d31f 100644 --- a/service/cloudhsm/api_client.go +++ b/service/cloudhsm/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/cloudhsmv2/api_client.go b/service/cloudhsmv2/api_client.go index 07bdec27b45..5b98807fbcf 100644 --- a/service/cloudhsmv2/api_client.go +++ b/service/cloudhsmv2/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/cloudsearch/api_client.go b/service/cloudsearch/api_client.go index 4c2518ff9c5..f857d24d347 100644 --- a/service/cloudsearch/api_client.go +++ b/service/cloudsearch/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/cloudsearchdomain/api_client.go b/service/cloudsearchdomain/api_client.go index 923555c4ed0..9f89c57334f 100644 --- a/service/cloudsearchdomain/api_client.go +++ b/service/cloudsearchdomain/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/cloudtrail/api_client.go b/service/cloudtrail/api_client.go index 326c688665c..5a91cff79ae 100644 --- a/service/cloudtrail/api_client.go +++ b/service/cloudtrail/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/cloudtraildata/api_client.go b/service/cloudtraildata/api_client.go index 517f6e987a3..aa57ce90aa4 100644 --- a/service/cloudtraildata/api_client.go +++ b/service/cloudtraildata/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/cloudwatch/api_client.go b/service/cloudwatch/api_client.go index 6e8df26f1ef..3cd3be71cf8 100644 --- a/service/cloudwatch/api_client.go +++ b/service/cloudwatch/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -247,6 +248,7 @@ func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { AppID: cfg.AppID, DisableRequestCompression: cfg.DisableRequestCompression, RequestMinCompressSizeBytes: cfg.RequestMinCompressSizeBytes, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -493,6 +495,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -504,6 +518,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/cloudwatchevents/api_client.go b/service/cloudwatchevents/api_client.go index 609b6c7a5ee..9b5e0d31454 100644 --- a/service/cloudwatchevents/api_client.go +++ b/service/cloudwatchevents/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/cloudwatchlogs/api_client.go b/service/cloudwatchlogs/api_client.go index 9e080b2430a..5f1960773db 100644 --- a/service/cloudwatchlogs/api_client.go +++ b/service/cloudwatchlogs/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -243,15 +244,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -505,6 +507,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -516,6 +530,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/codeartifact/api_client.go b/service/codeartifact/api_client.go index cabf29b9b3c..24f496187ea 100644 --- a/service/codeartifact/api_client.go +++ b/service/codeartifact/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/codebuild/api_client.go b/service/codebuild/api_client.go index 97b4f8e201e..69140c661f2 100644 --- a/service/codebuild/api_client.go +++ b/service/codebuild/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/codecatalyst/api_client.go b/service/codecatalyst/api_client.go index 048632bfdf9..1a1ca082655 100644 --- a/service/codecatalyst/api_client.go +++ b/service/codecatalyst/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" "github.com/aws/smithy-go/auth/bearer" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" @@ -242,6 +243,7 @@ func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { Logger: cfg.Logger, ClientLogMode: cfg.ClientLogMode, AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -462,6 +464,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func resolveBearerAuthSigner(o *Options) { if o.BearerAuthSigner != nil { return @@ -483,6 +497,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/codecommit/api_client.go b/service/codecommit/api_client.go index 1a4e4e6626d..10b18f6369c 100644 --- a/service/codecommit/api_client.go +++ b/service/codecommit/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/codeconnections/api_client.go b/service/codeconnections/api_client.go index 6750736a18e..677b1a01cc2 100644 --- a/service/codeconnections/api_client.go +++ b/service/codeconnections/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/codeconnections/auth.go b/service/codeconnections/auth.go index f209ee29bfd..de014688c3e 100644 --- a/service/codeconnections/auth.go +++ b/service/codeconnections/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/codeconnections/endpoints.go b/service/codeconnections/endpoints.go index 566b54d2b3d..9a003054afc 100644 --- a/service/codeconnections/endpoints.go +++ b/service/codeconnections/endpoints.go @@ -446,7 +446,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = bindRegion(options.Region) @@ -476,6 +476,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -485,7 +489,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/codeconnections/options.go b/service/codeconnections/options.go index 0f7ce822c31..030c14e7e6b 100644 --- a/service/codeconnections/options.go +++ b/service/codeconnections/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/codedeploy/api_client.go b/service/codedeploy/api_client.go index 913f0aec5d1..d8180b5f73a 100644 --- a/service/codedeploy/api_client.go +++ b/service/codedeploy/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/codeguruprofiler/api_client.go b/service/codeguruprofiler/api_client.go index ab0329e5f96..746105a93ab 100644 --- a/service/codeguruprofiler/api_client.go +++ b/service/codeguruprofiler/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/codegurureviewer/api_client.go b/service/codegurureviewer/api_client.go index 039a1020726..6689f232fc4 100644 --- a/service/codegurureviewer/api_client.go +++ b/service/codegurureviewer/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/codegurusecurity/api_client.go b/service/codegurusecurity/api_client.go index c0af569b599..464581fc34f 100644 --- a/service/codegurusecurity/api_client.go +++ b/service/codegurusecurity/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/codepipeline/api_client.go b/service/codepipeline/api_client.go index cb84c234c6d..ee2cc5666ae 100644 --- a/service/codepipeline/api_client.go +++ b/service/codepipeline/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/codestar/api_client.go b/service/codestar/api_client.go index 4fcb7a69f04..118666f82b3 100644 --- a/service/codestar/api_client.go +++ b/service/codestar/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/codestarconnections/api_client.go b/service/codestarconnections/api_client.go index 0617ba08fc3..c3e7344b8b7 100644 --- a/service/codestarconnections/api_client.go +++ b/service/codestarconnections/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/codestarnotifications/api_client.go b/service/codestarnotifications/api_client.go index 1e803b6cfa8..39739df24c6 100644 --- a/service/codestarnotifications/api_client.go +++ b/service/codestarnotifications/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/cognitoidentity/api_client.go b/service/cognitoidentity/api_client.go index e30a8befc28..8f2a459e683 100644 --- a/service/cognitoidentity/api_client.go +++ b/service/cognitoidentity/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/cognitoidentityprovider/api_client.go b/service/cognitoidentityprovider/api_client.go index 744f456a462..14269308974 100644 --- a/service/cognitoidentityprovider/api_client.go +++ b/service/cognitoidentityprovider/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/cognitosync/api_client.go b/service/cognitosync/api_client.go index 9f449e6dc6e..da8d8bee8bc 100644 --- a/service/cognitosync/api_client.go +++ b/service/cognitosync/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/comprehend/api_client.go b/service/comprehend/api_client.go index 65268807b5e..7f3aac2f6be 100644 --- a/service/comprehend/api_client.go +++ b/service/comprehend/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/comprehendmedical/api_client.go b/service/comprehendmedical/api_client.go index 8f22f35a05c..0c0207760c3 100644 --- a/service/comprehendmedical/api_client.go +++ b/service/comprehendmedical/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/computeoptimizer/api_client.go b/service/computeoptimizer/api_client.go index df3d5cabc28..71e527eb709 100644 --- a/service/computeoptimizer/api_client.go +++ b/service/computeoptimizer/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/configservice/api_client.go b/service/configservice/api_client.go index a176ba20cdb..2db9886e82a 100644 --- a/service/configservice/api_client.go +++ b/service/configservice/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/connect/api_client.go b/service/connect/api_client.go index 1d369b4c808..883e8a8cb1c 100644 --- a/service/connect/api_client.go +++ b/service/connect/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/connectcampaigns/api_client.go b/service/connectcampaigns/api_client.go index 07deb34d2bc..4281a080d50 100644 --- a/service/connectcampaigns/api_client.go +++ b/service/connectcampaigns/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/connectcases/api_client.go b/service/connectcases/api_client.go index c004fabc8fa..b190f0dd3de 100644 --- a/service/connectcases/api_client.go +++ b/service/connectcases/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/connectcontactlens/api_client.go b/service/connectcontactlens/api_client.go index 96f64a16867..a91af07ad03 100644 --- a/service/connectcontactlens/api_client.go +++ b/service/connectcontactlens/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/connectparticipant/api_client.go b/service/connectparticipant/api_client.go index 2ac53749e45..9a152a4065e 100644 --- a/service/connectparticipant/api_client.go +++ b/service/connectparticipant/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/controlcatalog/api_client.go b/service/controlcatalog/api_client.go index 91a865c465d..edb1e52c6d0 100644 --- a/service/controlcatalog/api_client.go +++ b/service/controlcatalog/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/controltower/api_client.go b/service/controltower/api_client.go index 0e7244530b7..0bc262d0569 100644 --- a/service/controltower/api_client.go +++ b/service/controltower/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/costandusagereportservice/api_client.go b/service/costandusagereportservice/api_client.go index 9be84f9c5ed..c2cd1df098f 100644 --- a/service/costandusagereportservice/api_client.go +++ b/service/costandusagereportservice/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/costexplorer/api_client.go b/service/costexplorer/api_client.go index e3eb7ca19e7..c033dc228ba 100644 --- a/service/costexplorer/api_client.go +++ b/service/costexplorer/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/costoptimizationhub/api_client.go b/service/costoptimizationhub/api_client.go index 84e9cee2ae4..8a474a4cc9d 100644 --- a/service/costoptimizationhub/api_client.go +++ b/service/costoptimizationhub/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/customerprofiles/api_client.go b/service/customerprofiles/api_client.go index b103610098b..39563497858 100644 --- a/service/customerprofiles/api_client.go +++ b/service/customerprofiles/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/databasemigrationservice/api_client.go b/service/databasemigrationservice/api_client.go index c60d18e5c79..e72705a058c 100644 --- a/service/databasemigrationservice/api_client.go +++ b/service/databasemigrationservice/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/databrew/api_client.go b/service/databrew/api_client.go index bb61bf10b67..c15018743f4 100644 --- a/service/databrew/api_client.go +++ b/service/databrew/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/dataexchange/api_client.go b/service/dataexchange/api_client.go index 2f81dc9e3ed..972ae61789d 100644 --- a/service/dataexchange/api_client.go +++ b/service/dataexchange/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/datapipeline/api_client.go b/service/datapipeline/api_client.go index 3a5f4c6fcaf..f75265cd823 100644 --- a/service/datapipeline/api_client.go +++ b/service/datapipeline/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/datasync/api_client.go b/service/datasync/api_client.go index b752af32082..0bb6c98e62d 100644 --- a/service/datasync/api_client.go +++ b/service/datasync/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/datazone/api_client.go b/service/datazone/api_client.go index 255f16dcdd2..5c35acb3176 100644 --- a/service/datazone/api_client.go +++ b/service/datazone/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/dax/api_client.go b/service/dax/api_client.go index 98367d90ef7..d4791518318 100644 --- a/service/dax/api_client.go +++ b/service/dax/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/deadline/api_client.go b/service/deadline/api_client.go index 12dd77c5bb9..73e6b4b8c8b 100644 --- a/service/deadline/api_client.go +++ b/service/deadline/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/detective/api_client.go b/service/detective/api_client.go index ddba9cf3b50..dfb54425b99 100644 --- a/service/detective/api_client.go +++ b/service/detective/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/devicefarm/api_client.go b/service/devicefarm/api_client.go index 21fd1560334..fcd898092c1 100644 --- a/service/devicefarm/api_client.go +++ b/service/devicefarm/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/devopsguru/api_client.go b/service/devopsguru/api_client.go index af58eacc7aa..aa07eb3f72c 100644 --- a/service/devopsguru/api_client.go +++ b/service/devopsguru/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/directconnect/api_client.go b/service/directconnect/api_client.go index fe1ce14850d..ce63c9838b5 100644 --- a/service/directconnect/api_client.go +++ b/service/directconnect/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/directoryservice/api_client.go b/service/directoryservice/api_client.go index b61060d8466..fca5be4ff10 100644 --- a/service/directoryservice/api_client.go +++ b/service/directoryservice/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/dlm/api_client.go b/service/dlm/api_client.go index b9538e58d35..85fd654a816 100644 --- a/service/dlm/api_client.go +++ b/service/dlm/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/docdb/api_client.go b/service/docdb/api_client.go index 5e01d0df7f0..ede5936c354 100644 --- a/service/docdb/api_client.go +++ b/service/docdb/api_client.go @@ -19,6 +19,7 @@ import ( acceptencodingcust "github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding" presignedurlcust "github.com/aws/aws-sdk-go-v2/service/internal/presigned-url" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -495,6 +497,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -506,6 +520,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/docdbelastic/api_client.go b/service/docdbelastic/api_client.go index b3d30f1317b..3d5b9b205c1 100644 --- a/service/docdbelastic/api_client.go +++ b/service/docdbelastic/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/drs/api_client.go b/service/drs/api_client.go index 3578b84459e..03551bc9ce4 100644 --- a/service/drs/api_client.go +++ b/service/drs/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/dynamodb/api_client.go b/service/dynamodb/api_client.go index c7b4b34a09c..f4c43fea74e 100644 --- a/service/dynamodb/api_client.go +++ b/service/dynamodb/api_client.go @@ -20,6 +20,7 @@ import ( acceptencodingcust "github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding" internalEndpointDiscovery "github.com/aws/aws-sdk-go-v2/service/internal/endpoint-discovery" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -252,15 +253,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -597,6 +599,18 @@ func (c *Client) handleEndpointDiscoveryFromService(ctx context.Context, input * return endpoint, nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -608,6 +622,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/dynamodbstreams/api_client.go b/service/dynamodbstreams/api_client.go index d7016d944f5..ea1ad2d2794 100644 --- a/service/dynamodbstreams/api_client.go +++ b/service/dynamodbstreams/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/ebs/api_client.go b/service/ebs/api_client.go index 43d9c46edf3..23078ac1139 100644 --- a/service/ebs/api_client.go +++ b/service/ebs/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/ec2/api_client.go b/service/ec2/api_client.go index 0a79bd614e3..d928e29e53c 100644 --- a/service/ec2/api_client.go +++ b/service/ec2/api_client.go @@ -20,6 +20,7 @@ import ( acceptencodingcust "github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding" presignedurlcust "github.com/aws/aws-sdk-go-v2/service/internal/presigned-url" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -244,15 +245,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -506,6 +508,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -517,6 +531,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/ec2instanceconnect/api_client.go b/service/ec2instanceconnect/api_client.go index 2c884aa12f1..aaefdfcddec 100644 --- a/service/ec2instanceconnect/api_client.go +++ b/service/ec2instanceconnect/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/ecr/api_client.go b/service/ecr/api_client.go index 340f50fdd09..994190d7fbf 100644 --- a/service/ecr/api_client.go +++ b/service/ecr/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/ecrpublic/api_client.go b/service/ecrpublic/api_client.go index 7339755e979..11c5fe46169 100644 --- a/service/ecrpublic/api_client.go +++ b/service/ecrpublic/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/ecs/api_client.go b/service/ecs/api_client.go index 81ddafee6a3..5400d196adc 100644 --- a/service/ecs/api_client.go +++ b/service/ecs/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/efs/api_client.go b/service/efs/api_client.go index e9cc55d6fe8..1cfbc7c0d70 100644 --- a/service/efs/api_client.go +++ b/service/efs/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/eks/api_client.go b/service/eks/api_client.go index 016358a4caf..50fce3b59ca 100644 --- a/service/eks/api_client.go +++ b/service/eks/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/eksauth/api_client.go b/service/eksauth/api_client.go index 2ea53e73594..1459d2b82c2 100644 --- a/service/eksauth/api_client.go +++ b/service/eksauth/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/elasticache/api_client.go b/service/elasticache/api_client.go index 5fa77576dd7..95de82281c6 100644 --- a/service/elasticache/api_client.go +++ b/service/elasticache/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/elasticbeanstalk/api_client.go b/service/elasticbeanstalk/api_client.go index a2aaae79a35..acf71d627ad 100644 --- a/service/elasticbeanstalk/api_client.go +++ b/service/elasticbeanstalk/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/elasticinference/api_client.go b/service/elasticinference/api_client.go index 0d4fbcf0f1f..f0155c87825 100644 --- a/service/elasticinference/api_client.go +++ b/service/elasticinference/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/elasticloadbalancing/api_client.go b/service/elasticloadbalancing/api_client.go index eef4f673fac..a332f61bdf5 100644 --- a/service/elasticloadbalancing/api_client.go +++ b/service/elasticloadbalancing/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/elasticloadbalancingv2/api_client.go b/service/elasticloadbalancingv2/api_client.go index 75f56d323da..c7bc0f4c0ba 100644 --- a/service/elasticloadbalancingv2/api_client.go +++ b/service/elasticloadbalancingv2/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/elasticsearchservice/api_client.go b/service/elasticsearchservice/api_client.go index 68aa31db68c..6a3e3807c5b 100644 --- a/service/elasticsearchservice/api_client.go +++ b/service/elasticsearchservice/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/elastictranscoder/api_client.go b/service/elastictranscoder/api_client.go index effcf13e82c..70c2c1c3f27 100644 --- a/service/elastictranscoder/api_client.go +++ b/service/elastictranscoder/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/emr/api_client.go b/service/emr/api_client.go index c6351aacf5f..c04dc3d0d02 100644 --- a/service/emr/api_client.go +++ b/service/emr/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/emrcontainers/api_client.go b/service/emrcontainers/api_client.go index e9dd688ba7e..a4da45116f6 100644 --- a/service/emrcontainers/api_client.go +++ b/service/emrcontainers/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/emrserverless/api_client.go b/service/emrserverless/api_client.go index 0525ee6b377..186fa8640f2 100644 --- a/service/emrserverless/api_client.go +++ b/service/emrserverless/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/entityresolution/api_client.go b/service/entityresolution/api_client.go index 2b63853b559..01d5a511fb8 100644 --- a/service/entityresolution/api_client.go +++ b/service/entityresolution/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/eventbridge/api_client.go b/service/eventbridge/api_client.go index 70e59e685ef..bf6a8340e10 100644 --- a/service/eventbridge/api_client.go +++ b/service/eventbridge/api_client.go @@ -17,6 +17,7 @@ import ( internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" "github.com/aws/aws-sdk-go-v2/internal/v4a" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -246,15 +247,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -501,6 +503,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + type httpSignerV4a interface { SignHTTP(ctx context.Context, credentials v4a.Credentials, r *http.Request, payloadHash, service string, regionSet []string, signingTime time.Time, @@ -532,6 +546,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/evidently/api_client.go b/service/evidently/api_client.go index fd67ad6bcf4..7f60b70b0a1 100644 --- a/service/evidently/api_client.go +++ b/service/evidently/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/finspace/api_client.go b/service/finspace/api_client.go index 59f08cf6a6c..069fc7225bd 100644 --- a/service/finspace/api_client.go +++ b/service/finspace/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -242,15 +243,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -534,6 +536,18 @@ func addRestJsonContentTypeCustomization(stack *middleware.Stack) error { return stack.Serialize.Insert(&customizeRestJsonContentType{}, "OperationSerializer", middleware.After) } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -545,6 +559,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/finspacedata/api_client.go b/service/finspacedata/api_client.go index 257e03dd11b..277bd4c3253 100644 --- a/service/finspacedata/api_client.go +++ b/service/finspacedata/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -533,6 +535,18 @@ func addRestJsonContentTypeCustomization(stack *middleware.Stack) error { return stack.Serialize.Insert(&customizeRestJsonContentType{}, "OperationSerializer", middleware.After) } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -544,6 +558,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/firehose/api_client.go b/service/firehose/api_client.go index d4aaecacd03..4643101781c 100644 --- a/service/firehose/api_client.go +++ b/service/firehose/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/fis/api_client.go b/service/fis/api_client.go index f7968e911b6..dad7f5e5726 100644 --- a/service/fis/api_client.go +++ b/service/fis/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/fms/api_client.go b/service/fms/api_client.go index 551b512778c..58d61e6e8f8 100644 --- a/service/fms/api_client.go +++ b/service/fms/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/forecast/api_client.go b/service/forecast/api_client.go index e1be7938dd1..52c0912a839 100644 --- a/service/forecast/api_client.go +++ b/service/forecast/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/forecastquery/api_client.go b/service/forecastquery/api_client.go index fc5e1ef50bf..4ba56d3f816 100644 --- a/service/forecastquery/api_client.go +++ b/service/forecastquery/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/frauddetector/api_client.go b/service/frauddetector/api_client.go index e1f09fc7413..bb7954faeef 100644 --- a/service/frauddetector/api_client.go +++ b/service/frauddetector/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/freetier/api_client.go b/service/freetier/api_client.go index 12681d0b2c6..326cc8b8aeb 100644 --- a/service/freetier/api_client.go +++ b/service/freetier/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/fsx/api_client.go b/service/fsx/api_client.go index e9506b61c89..0f076d4b75b 100644 --- a/service/fsx/api_client.go +++ b/service/fsx/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/gamelift/api_client.go b/service/gamelift/api_client.go index 2b878eb7ddf..3d726dc71d7 100644 --- a/service/gamelift/api_client.go +++ b/service/gamelift/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/glacier/api_client.go b/service/glacier/api_client.go index 048abb56191..0e2c9086e31 100644 --- a/service/glacier/api_client.go +++ b/service/glacier/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/globalaccelerator/api_client.go b/service/globalaccelerator/api_client.go index 6a5547b9b7d..2c1deb5f51e 100644 --- a/service/globalaccelerator/api_client.go +++ b/service/globalaccelerator/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/glue/api_client.go b/service/glue/api_client.go index cc444b729be..b66e4346838 100644 --- a/service/glue/api_client.go +++ b/service/glue/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/grafana/api_client.go b/service/grafana/api_client.go index d288e937b63..dfb125eddee 100644 --- a/service/grafana/api_client.go +++ b/service/grafana/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/greengrass/api_client.go b/service/greengrass/api_client.go index 268c459cee1..bb375c022b3 100644 --- a/service/greengrass/api_client.go +++ b/service/greengrass/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/greengrassv2/api_client.go b/service/greengrassv2/api_client.go index ac325dcdbf5..f72f1b60fff 100644 --- a/service/greengrassv2/api_client.go +++ b/service/greengrassv2/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/groundstation/api_client.go b/service/groundstation/api_client.go index b9622b435ac..16e639c7678 100644 --- a/service/groundstation/api_client.go +++ b/service/groundstation/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/guardduty/api_client.go b/service/guardduty/api_client.go index d67ef797e2d..c2929cead5e 100644 --- a/service/guardduty/api_client.go +++ b/service/guardduty/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/health/api_client.go b/service/health/api_client.go index 82229ddff99..d6bf6ce9f0e 100644 --- a/service/health/api_client.go +++ b/service/health/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/healthlake/api_client.go b/service/healthlake/api_client.go index 0c4e301099e..488fade90bc 100644 --- a/service/healthlake/api_client.go +++ b/service/healthlake/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/iam/api_client.go b/service/iam/api_client.go index 3643bbf1094..10ab6b13b7b 100644 --- a/service/iam/api_client.go +++ b/service/iam/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/identitystore/api_client.go b/service/identitystore/api_client.go index 81650ff99b7..9f3bb269cde 100644 --- a/service/identitystore/api_client.go +++ b/service/identitystore/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/imagebuilder/api_client.go b/service/imagebuilder/api_client.go index 973b3d772f8..b067ec98781 100644 --- a/service/imagebuilder/api_client.go +++ b/service/imagebuilder/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/inspector/api_client.go b/service/inspector/api_client.go index c9be77b69bd..20084b6623e 100644 --- a/service/inspector/api_client.go +++ b/service/inspector/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/inspector2/api_client.go b/service/inspector2/api_client.go index 2b34f6637f7..5d861825d5f 100644 --- a/service/inspector2/api_client.go +++ b/service/inspector2/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/inspectorscan/api_client.go b/service/inspectorscan/api_client.go index b85e2ba8948..6d2cd98a3ff 100644 --- a/service/inspectorscan/api_client.go +++ b/service/inspectorscan/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/internetmonitor/api_client.go b/service/internetmonitor/api_client.go index 31b7fbd74fd..2b8db039c18 100644 --- a/service/internetmonitor/api_client.go +++ b/service/internetmonitor/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/iot/api_client.go b/service/iot/api_client.go index ec629d381ed..adc0ea18890 100644 --- a/service/iot/api_client.go +++ b/service/iot/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/iot1clickdevicesservice/api_client.go b/service/iot1clickdevicesservice/api_client.go index c161ebdb2d1..8e750f78639 100644 --- a/service/iot1clickdevicesservice/api_client.go +++ b/service/iot1clickdevicesservice/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/iot1clickprojects/api_client.go b/service/iot1clickprojects/api_client.go index c7540f19f2d..e0abe1a7b3e 100644 --- a/service/iot1clickprojects/api_client.go +++ b/service/iot1clickprojects/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/iotanalytics/api_client.go b/service/iotanalytics/api_client.go index e5b06364ec6..9bd4469da23 100644 --- a/service/iotanalytics/api_client.go +++ b/service/iotanalytics/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/iotdataplane/api_client.go b/service/iotdataplane/api_client.go index 2e70b82f266..208765863cd 100644 --- a/service/iotdataplane/api_client.go +++ b/service/iotdataplane/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/iotdeviceadvisor/api_client.go b/service/iotdeviceadvisor/api_client.go index fdcf202a1cc..585b5f56a48 100644 --- a/service/iotdeviceadvisor/api_client.go +++ b/service/iotdeviceadvisor/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/iotevents/api_client.go b/service/iotevents/api_client.go index 11d224cce2f..a4f225d9a5f 100644 --- a/service/iotevents/api_client.go +++ b/service/iotevents/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/ioteventsdata/api_client.go b/service/ioteventsdata/api_client.go index 9ebeb2107a2..3a90b8aa459 100644 --- a/service/ioteventsdata/api_client.go +++ b/service/ioteventsdata/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/iotfleethub/api_client.go b/service/iotfleethub/api_client.go index 8b5d0e0647e..6622569c22f 100644 --- a/service/iotfleethub/api_client.go +++ b/service/iotfleethub/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/iotfleetwise/api_client.go b/service/iotfleetwise/api_client.go index 4cef62fe707..8a69dff53ee 100644 --- a/service/iotfleetwise/api_client.go +++ b/service/iotfleetwise/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/iotjobsdataplane/api_client.go b/service/iotjobsdataplane/api_client.go index e80fda92e64..1b7e65331e2 100644 --- a/service/iotjobsdataplane/api_client.go +++ b/service/iotjobsdataplane/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/iotsecuretunneling/api_client.go b/service/iotsecuretunneling/api_client.go index e189886f136..66d08f2037e 100644 --- a/service/iotsecuretunneling/api_client.go +++ b/service/iotsecuretunneling/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/iotsitewise/api_client.go b/service/iotsitewise/api_client.go index b15ed6e5222..5868a7bef95 100644 --- a/service/iotsitewise/api_client.go +++ b/service/iotsitewise/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/iotthingsgraph/api_client.go b/service/iotthingsgraph/api_client.go index 5539ca3cafe..20f43089d54 100644 --- a/service/iotthingsgraph/api_client.go +++ b/service/iotthingsgraph/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/iottwinmaker/api_client.go b/service/iottwinmaker/api_client.go index aa58694e0fe..b0c9a5a5465 100644 --- a/service/iottwinmaker/api_client.go +++ b/service/iottwinmaker/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/iotwireless/api_client.go b/service/iotwireless/api_client.go index f8029dba359..7c385491168 100644 --- a/service/iotwireless/api_client.go +++ b/service/iotwireless/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/ivs/api_client.go b/service/ivs/api_client.go index 7101214f8f2..9942d9d58a0 100644 --- a/service/ivs/api_client.go +++ b/service/ivs/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/ivschat/api_client.go b/service/ivschat/api_client.go index 03b910f50de..49aac61bb24 100644 --- a/service/ivschat/api_client.go +++ b/service/ivschat/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/ivsrealtime/api_client.go b/service/ivsrealtime/api_client.go index 74c025cce05..6e93c653c5e 100644 --- a/service/ivsrealtime/api_client.go +++ b/service/ivsrealtime/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/kafka/api_client.go b/service/kafka/api_client.go index e441cc2e3da..a21785e5875 100644 --- a/service/kafka/api_client.go +++ b/service/kafka/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/kafkaconnect/api_client.go b/service/kafkaconnect/api_client.go index 02771ef6d99..6d436e6849d 100644 --- a/service/kafkaconnect/api_client.go +++ b/service/kafkaconnect/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/kendra/api_client.go b/service/kendra/api_client.go index 15cf93379d4..1f7f4bdec15 100644 --- a/service/kendra/api_client.go +++ b/service/kendra/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/kendraranking/api_client.go b/service/kendraranking/api_client.go index 0aca89b4f39..946fc60fac5 100644 --- a/service/kendraranking/api_client.go +++ b/service/kendraranking/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/keyspaces/api_client.go b/service/keyspaces/api_client.go index e78409b574b..ddbe1af6f0b 100644 --- a/service/keyspaces/api_client.go +++ b/service/keyspaces/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/kinesis/api_client.go b/service/kinesis/api_client.go index 5d7d734b67c..3f9a4cc2686 100644 --- a/service/kinesis/api_client.go +++ b/service/kinesis/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -238,15 +239,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -493,6 +495,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -504,6 +518,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/kinesisanalytics/api_client.go b/service/kinesisanalytics/api_client.go index 605bb8ac099..9266d07ae2a 100644 --- a/service/kinesisanalytics/api_client.go +++ b/service/kinesisanalytics/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/kinesisanalyticsv2/api_client.go b/service/kinesisanalyticsv2/api_client.go index d140ea2a81d..29944e88733 100644 --- a/service/kinesisanalyticsv2/api_client.go +++ b/service/kinesisanalyticsv2/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/kinesisvideo/api_client.go b/service/kinesisvideo/api_client.go index 2b272edf861..26563bc1ae1 100644 --- a/service/kinesisvideo/api_client.go +++ b/service/kinesisvideo/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/kinesisvideoarchivedmedia/api_client.go b/service/kinesisvideoarchivedmedia/api_client.go index cab552fd65a..90408dcdb76 100644 --- a/service/kinesisvideoarchivedmedia/api_client.go +++ b/service/kinesisvideoarchivedmedia/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/kinesisvideomedia/api_client.go b/service/kinesisvideomedia/api_client.go index 7e44b0f3385..7e23059cc80 100644 --- a/service/kinesisvideomedia/api_client.go +++ b/service/kinesisvideomedia/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/kinesisvideosignaling/api_client.go b/service/kinesisvideosignaling/api_client.go index 4f60145b53d..29325c19503 100644 --- a/service/kinesisvideosignaling/api_client.go +++ b/service/kinesisvideosignaling/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/kinesisvideowebrtcstorage/api_client.go b/service/kinesisvideowebrtcstorage/api_client.go index 8459499f839..cd9fd682fff 100644 --- a/service/kinesisvideowebrtcstorage/api_client.go +++ b/service/kinesisvideowebrtcstorage/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/kms/api_client.go b/service/kms/api_client.go index abb6da4a84f..cdb46d3aa45 100644 --- a/service/kms/api_client.go +++ b/service/kms/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/lakeformation/api_client.go b/service/lakeformation/api_client.go index f85f3dfd0df..0b9cd2daffd 100644 --- a/service/lakeformation/api_client.go +++ b/service/lakeformation/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/lambda/api_client.go b/service/lambda/api_client.go index cb79a897b07..fada9abb9e5 100644 --- a/service/lambda/api_client.go +++ b/service/lambda/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -238,15 +239,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -493,6 +495,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -504,6 +518,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/launchwizard/api_client.go b/service/launchwizard/api_client.go index ef8e1fc4484..59d583b0b7b 100644 --- a/service/launchwizard/api_client.go +++ b/service/launchwizard/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/lexmodelbuildingservice/api_client.go b/service/lexmodelbuildingservice/api_client.go index 099aba9bc11..eb6dbe9c8bc 100644 --- a/service/lexmodelbuildingservice/api_client.go +++ b/service/lexmodelbuildingservice/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/lexmodelsv2/api_client.go b/service/lexmodelsv2/api_client.go index 05df0b88847..d4ba9d588e3 100644 --- a/service/lexmodelsv2/api_client.go +++ b/service/lexmodelsv2/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/lexruntimeservice/api_client.go b/service/lexruntimeservice/api_client.go index 6c1e3c3044d..a6b18ae37ec 100644 --- a/service/lexruntimeservice/api_client.go +++ b/service/lexruntimeservice/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/lexruntimev2/api_client.go b/service/lexruntimev2/api_client.go index b298236316f..6b815ebaef9 100644 --- a/service/lexruntimev2/api_client.go +++ b/service/lexruntimev2/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -239,15 +240,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -494,6 +496,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -505,6 +519,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/licensemanager/api_client.go b/service/licensemanager/api_client.go index b998fda2155..6dc59bbd873 100644 --- a/service/licensemanager/api_client.go +++ b/service/licensemanager/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/licensemanagerlinuxsubscriptions/api_client.go b/service/licensemanagerlinuxsubscriptions/api_client.go index 0877376fe6b..61a3ef1e9cf 100644 --- a/service/licensemanagerlinuxsubscriptions/api_client.go +++ b/service/licensemanagerlinuxsubscriptions/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/licensemanagerusersubscriptions/api_client.go b/service/licensemanagerusersubscriptions/api_client.go index 0c86b05fb62..5374309709b 100644 --- a/service/licensemanagerusersubscriptions/api_client.go +++ b/service/licensemanagerusersubscriptions/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/lightsail/api_client.go b/service/lightsail/api_client.go index 5c1bf4e6155..cd266b68f85 100644 --- a/service/lightsail/api_client.go +++ b/service/lightsail/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/location/api_client.go b/service/location/api_client.go index b1debfe7c96..e95d38e6121 100644 --- a/service/location/api_client.go +++ b/service/location/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/lookoutequipment/api_client.go b/service/lookoutequipment/api_client.go index e4e934cfa5d..701aaaf7d2a 100644 --- a/service/lookoutequipment/api_client.go +++ b/service/lookoutequipment/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/lookoutmetrics/api_client.go b/service/lookoutmetrics/api_client.go index a523f85e937..f0d8302bfcf 100644 --- a/service/lookoutmetrics/api_client.go +++ b/service/lookoutmetrics/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/lookoutvision/api_client.go b/service/lookoutvision/api_client.go index 52bcc10c614..4f67e636b36 100644 --- a/service/lookoutvision/api_client.go +++ b/service/lookoutvision/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/m2/api_client.go b/service/m2/api_client.go index 22f4251d55e..48901d89d9a 100644 --- a/service/m2/api_client.go +++ b/service/m2/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/machinelearning/api_client.go b/service/machinelearning/api_client.go index 088b61cf2f1..f86ff84abab 100644 --- a/service/machinelearning/api_client.go +++ b/service/machinelearning/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/macie2/api_client.go b/service/macie2/api_client.go index efb53372301..983dae602dc 100644 --- a/service/macie2/api_client.go +++ b/service/macie2/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/mailmanager/api_client.go b/service/mailmanager/api_client.go index 99a781cc1ba..fe8f10dfe42 100644 --- a/service/mailmanager/api_client.go +++ b/service/mailmanager/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/mailmanager/auth.go b/service/mailmanager/auth.go index b375c3868f6..e0359706d74 100644 --- a/service/mailmanager/auth.go +++ b/service/mailmanager/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/mailmanager/endpoints.go b/service/mailmanager/endpoints.go index 7ccd55fc91b..ab0e543c181 100644 --- a/service/mailmanager/endpoints.go +++ b/service/mailmanager/endpoints.go @@ -446,7 +446,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = bindRegion(options.Region) @@ -476,6 +476,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -485,7 +489,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/mailmanager/options.go b/service/mailmanager/options.go index 1f947c86dca..20cdae81fd3 100644 --- a/service/mailmanager/options.go +++ b/service/mailmanager/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/managedblockchain/api_client.go b/service/managedblockchain/api_client.go index f1af3e9c7d2..9046647f2cc 100644 --- a/service/managedblockchain/api_client.go +++ b/service/managedblockchain/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/managedblockchainquery/api_client.go b/service/managedblockchainquery/api_client.go index 7b6ad863a6f..d5fe3cf4c39 100644 --- a/service/managedblockchainquery/api_client.go +++ b/service/managedblockchainquery/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/marketplaceagreement/api_client.go b/service/marketplaceagreement/api_client.go index 0e06c28c47c..fda83ee0f66 100644 --- a/service/marketplaceagreement/api_client.go +++ b/service/marketplaceagreement/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/marketplacecatalog/api_client.go b/service/marketplacecatalog/api_client.go index 4521f3b254c..1ec169320ec 100644 --- a/service/marketplacecatalog/api_client.go +++ b/service/marketplacecatalog/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/marketplacecommerceanalytics/api_client.go b/service/marketplacecommerceanalytics/api_client.go index 652c756f872..14fbc43dec1 100644 --- a/service/marketplacecommerceanalytics/api_client.go +++ b/service/marketplacecommerceanalytics/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/marketplacedeployment/api_client.go b/service/marketplacedeployment/api_client.go index c008152f2db..b80ce03a6c1 100644 --- a/service/marketplacedeployment/api_client.go +++ b/service/marketplacedeployment/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/marketplaceentitlementservice/api_client.go b/service/marketplaceentitlementservice/api_client.go index 8ee4ff0c044..772cd836b7c 100644 --- a/service/marketplaceentitlementservice/api_client.go +++ b/service/marketplaceentitlementservice/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/marketplacemetering/api_client.go b/service/marketplacemetering/api_client.go index bacf4081e87..e72470c0e97 100644 --- a/service/marketplacemetering/api_client.go +++ b/service/marketplacemetering/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/mediaconnect/api_client.go b/service/mediaconnect/api_client.go index fc735eff47c..3a1dfc12540 100644 --- a/service/mediaconnect/api_client.go +++ b/service/mediaconnect/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/mediaconvert/api_client.go b/service/mediaconvert/api_client.go index 23ae00852ff..67ca81d4b5a 100644 --- a/service/mediaconvert/api_client.go +++ b/service/mediaconvert/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/medialive/api_client.go b/service/medialive/api_client.go index 0d16dfd6b19..c9804a82a3e 100644 --- a/service/medialive/api_client.go +++ b/service/medialive/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/mediapackage/api_client.go b/service/mediapackage/api_client.go index 846eadff67a..f567f9bc1cb 100644 --- a/service/mediapackage/api_client.go +++ b/service/mediapackage/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/mediapackagev2/api_client.go b/service/mediapackagev2/api_client.go index c422bc78930..a7cf80943eb 100644 --- a/service/mediapackagev2/api_client.go +++ b/service/mediapackagev2/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/mediapackagevod/api_client.go b/service/mediapackagevod/api_client.go index affd12f4003..f732227ac58 100644 --- a/service/mediapackagevod/api_client.go +++ b/service/mediapackagevod/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/mediastore/api_client.go b/service/mediastore/api_client.go index c0132888c75..0ad3fb24178 100644 --- a/service/mediastore/api_client.go +++ b/service/mediastore/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/mediastoredata/api_client.go b/service/mediastoredata/api_client.go index ae2a74b4b1e..32f6c9e16da 100644 --- a/service/mediastoredata/api_client.go +++ b/service/mediastoredata/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/mediatailor/api_client.go b/service/mediatailor/api_client.go index 963b880b525..f81ccf5beab 100644 --- a/service/mediatailor/api_client.go +++ b/service/mediatailor/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/medicalimaging/api_client.go b/service/medicalimaging/api_client.go index 07c37b9aac4..b7ea2d501f5 100644 --- a/service/medicalimaging/api_client.go +++ b/service/medicalimaging/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/memorydb/api_client.go b/service/memorydb/api_client.go index 2ae8ee373ee..7b910cc1fe6 100644 --- a/service/memorydb/api_client.go +++ b/service/memorydb/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/mgn/api_client.go b/service/mgn/api_client.go index d3695e6e892..bdbb2d70bbc 100644 --- a/service/mgn/api_client.go +++ b/service/mgn/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/migrationhub/api_client.go b/service/migrationhub/api_client.go index 4622869d46f..3862059c80f 100644 --- a/service/migrationhub/api_client.go +++ b/service/migrationhub/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/migrationhubconfig/api_client.go b/service/migrationhubconfig/api_client.go index 49887f56832..14ff0c92da8 100644 --- a/service/migrationhubconfig/api_client.go +++ b/service/migrationhubconfig/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/migrationhuborchestrator/api_client.go b/service/migrationhuborchestrator/api_client.go index e1bde22a968..2fef49eb220 100644 --- a/service/migrationhuborchestrator/api_client.go +++ b/service/migrationhuborchestrator/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/migrationhubrefactorspaces/api_client.go b/service/migrationhubrefactorspaces/api_client.go index e506b474841..bc38b9faf0c 100644 --- a/service/migrationhubrefactorspaces/api_client.go +++ b/service/migrationhubrefactorspaces/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/migrationhubstrategy/api_client.go b/service/migrationhubstrategy/api_client.go index 8d013d9b77f..8eefd1a083e 100644 --- a/service/migrationhubstrategy/api_client.go +++ b/service/migrationhubstrategy/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/mobile/api_client.go b/service/mobile/api_client.go index 3fc3e6b9524..7581f036d43 100644 --- a/service/mobile/api_client.go +++ b/service/mobile/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/mq/api_client.go b/service/mq/api_client.go index 52d1660cab6..5b933617ac4 100644 --- a/service/mq/api_client.go +++ b/service/mq/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/mturk/api_client.go b/service/mturk/api_client.go index 34309917656..98f48b6dbdf 100644 --- a/service/mturk/api_client.go +++ b/service/mturk/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/mwaa/api_client.go b/service/mwaa/api_client.go index 4a57c01cb82..5bf5f7937de 100644 --- a/service/mwaa/api_client.go +++ b/service/mwaa/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/neptune/api_client.go b/service/neptune/api_client.go index 4d7798ace1b..92e3c450f87 100644 --- a/service/neptune/api_client.go +++ b/service/neptune/api_client.go @@ -19,6 +19,7 @@ import ( acceptencodingcust "github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding" presignedurlcust "github.com/aws/aws-sdk-go-v2/service/internal/presigned-url" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -239,15 +240,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -494,6 +496,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -505,6 +519,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/neptunedata/api_client.go b/service/neptunedata/api_client.go index 8d6126f6485..9f4868bccb4 100644 --- a/service/neptunedata/api_client.go +++ b/service/neptunedata/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/neptunegraph/api_client.go b/service/neptunegraph/api_client.go index c4095833a44..1ebefa0f919 100644 --- a/service/neptunegraph/api_client.go +++ b/service/neptunegraph/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/networkfirewall/api_client.go b/service/networkfirewall/api_client.go index d32c3039267..71d9b954e2f 100644 --- a/service/networkfirewall/api_client.go +++ b/service/networkfirewall/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/networkmanager/api_client.go b/service/networkmanager/api_client.go index 6edef6df486..afea687d289 100644 --- a/service/networkmanager/api_client.go +++ b/service/networkmanager/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/networkmonitor/api_client.go b/service/networkmonitor/api_client.go index 45039d3095c..d3732df9659 100644 --- a/service/networkmonitor/api_client.go +++ b/service/networkmonitor/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/nimble/api_client.go b/service/nimble/api_client.go index e50e56bb823..595b007bcbb 100644 --- a/service/nimble/api_client.go +++ b/service/nimble/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/oam/api_client.go b/service/oam/api_client.go index 152cae9aa9a..f466908de3e 100644 --- a/service/oam/api_client.go +++ b/service/oam/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/omics/api_client.go b/service/omics/api_client.go index 9e1676291f6..8195ea42d06 100644 --- a/service/omics/api_client.go +++ b/service/omics/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/opensearch/api_client.go b/service/opensearch/api_client.go index 183a2b7665a..420ed6c05a5 100644 --- a/service/opensearch/api_client.go +++ b/service/opensearch/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/opensearchserverless/api_client.go b/service/opensearchserverless/api_client.go index 9e3500dd366..fcd0be9360b 100644 --- a/service/opensearchserverless/api_client.go +++ b/service/opensearchserverless/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/opsworks/api_client.go b/service/opsworks/api_client.go index 6d2ced3ca83..d36f78a4a34 100644 --- a/service/opsworks/api_client.go +++ b/service/opsworks/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/opsworkscm/api_client.go b/service/opsworkscm/api_client.go index b2e2a6927d9..5225a1f1f24 100644 --- a/service/opsworkscm/api_client.go +++ b/service/opsworkscm/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/organizations/api_client.go b/service/organizations/api_client.go index 07d986efed2..85c99294b34 100644 --- a/service/organizations/api_client.go +++ b/service/organizations/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/osis/api_client.go b/service/osis/api_client.go index e9853dde035..c1a8b5ad41d 100644 --- a/service/osis/api_client.go +++ b/service/osis/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/outposts/api_client.go b/service/outposts/api_client.go index 5d0a31d4499..96ee90c274e 100644 --- a/service/outposts/api_client.go +++ b/service/outposts/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/panorama/api_client.go b/service/panorama/api_client.go index e64628e1532..f30ed80c152 100644 --- a/service/panorama/api_client.go +++ b/service/panorama/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/paymentcryptography/api_client.go b/service/paymentcryptography/api_client.go index 4116db2e73a..bf562cc1cb1 100644 --- a/service/paymentcryptography/api_client.go +++ b/service/paymentcryptography/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/paymentcryptographydata/api_client.go b/service/paymentcryptographydata/api_client.go index dfe199a6f7e..1431fa9d651 100644 --- a/service/paymentcryptographydata/api_client.go +++ b/service/paymentcryptographydata/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/pcaconnectorad/api_client.go b/service/pcaconnectorad/api_client.go index b094aea832b..982d646feec 100644 --- a/service/pcaconnectorad/api_client.go +++ b/service/pcaconnectorad/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/pcaconnectorscep/api_client.go b/service/pcaconnectorscep/api_client.go index 9d3adfc748f..310056cb9fd 100644 --- a/service/pcaconnectorscep/api_client.go +++ b/service/pcaconnectorscep/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/personalize/api_client.go b/service/personalize/api_client.go index 6ef50affb94..ab3a020c6b4 100644 --- a/service/personalize/api_client.go +++ b/service/personalize/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/personalizeevents/api_client.go b/service/personalizeevents/api_client.go index 79328803ae6..1067e889bb2 100644 --- a/service/personalizeevents/api_client.go +++ b/service/personalizeevents/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/personalizeruntime/api_client.go b/service/personalizeruntime/api_client.go index 1d65889b1a8..e5ef1ace62f 100644 --- a/service/personalizeruntime/api_client.go +++ b/service/personalizeruntime/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/pi/api_client.go b/service/pi/api_client.go index 099dcec3281..3db164786c2 100644 --- a/service/pi/api_client.go +++ b/service/pi/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/pinpoint/api_client.go b/service/pinpoint/api_client.go index 9feedb8080c..b2bdadd1d05 100644 --- a/service/pinpoint/api_client.go +++ b/service/pinpoint/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/pinpointemail/api_client.go b/service/pinpointemail/api_client.go index dcaec520a4b..3d78f2f2d47 100644 --- a/service/pinpointemail/api_client.go +++ b/service/pinpointemail/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/pinpointsmsvoice/api_client.go b/service/pinpointsmsvoice/api_client.go index dd00396c7f6..552b5815d31 100644 --- a/service/pinpointsmsvoice/api_client.go +++ b/service/pinpointsmsvoice/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/pinpointsmsvoicev2/api_client.go b/service/pinpointsmsvoicev2/api_client.go index 0cf2a97f83e..26700f4aa73 100644 --- a/service/pinpointsmsvoicev2/api_client.go +++ b/service/pinpointsmsvoicev2/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/pipes/api_client.go b/service/pipes/api_client.go index 822d90b4121..ad847d9c24f 100644 --- a/service/pipes/api_client.go +++ b/service/pipes/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/polly/api_client.go b/service/polly/api_client.go index a448dd16363..713e8d6a733 100644 --- a/service/polly/api_client.go +++ b/service/polly/api_client.go @@ -19,6 +19,7 @@ import ( acceptencodingcust "github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding" presignedurlcust "github.com/aws/aws-sdk-go-v2/service/internal/presigned-url" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -239,15 +240,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -494,6 +496,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -505,6 +519,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/pricing/api_client.go b/service/pricing/api_client.go index 405319a71a6..ad0276a714c 100644 --- a/service/pricing/api_client.go +++ b/service/pricing/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/privatenetworks/api_client.go b/service/privatenetworks/api_client.go index 7d1e5d6828c..4eb26f52a5f 100644 --- a/service/privatenetworks/api_client.go +++ b/service/privatenetworks/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/proton/api_client.go b/service/proton/api_client.go index 7eafc9abf8b..64fac0ce7a0 100644 --- a/service/proton/api_client.go +++ b/service/proton/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/qbusiness/api_client.go b/service/qbusiness/api_client.go index 11c222781d6..95e31258fb4 100644 --- a/service/qbusiness/api_client.go +++ b/service/qbusiness/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -242,15 +243,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -504,6 +506,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -515,6 +529,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/qconnect/api_client.go b/service/qconnect/api_client.go index cc9666bb56d..c27b0d7afdb 100644 --- a/service/qconnect/api_client.go +++ b/service/qconnect/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/qldb/api_client.go b/service/qldb/api_client.go index 0dfa3da9780..1e6e4d7c379 100644 --- a/service/qldb/api_client.go +++ b/service/qldb/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/qldbsession/api_client.go b/service/qldbsession/api_client.go index f18e91712e2..61a4d60fe1b 100644 --- a/service/qldbsession/api_client.go +++ b/service/qldbsession/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/quicksight/api_client.go b/service/quicksight/api_client.go index 847c5c5a84c..c741ff1a844 100644 --- a/service/quicksight/api_client.go +++ b/service/quicksight/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/ram/api_client.go b/service/ram/api_client.go index a7ab7ee6af3..91ff3b0a3a7 100644 --- a/service/ram/api_client.go +++ b/service/ram/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/rbin/api_client.go b/service/rbin/api_client.go index 7b687c2426d..45306aeb5d5 100644 --- a/service/rbin/api_client.go +++ b/service/rbin/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/rds/api_client.go b/service/rds/api_client.go index 9a05cd5f80c..a30db2a99ca 100644 --- a/service/rds/api_client.go +++ b/service/rds/api_client.go @@ -19,6 +19,7 @@ import ( acceptencodingcust "github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding" presignedurlcust "github.com/aws/aws-sdk-go-v2/service/internal/presigned-url" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -495,6 +497,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -506,6 +520,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/rdsdata/api_client.go b/service/rdsdata/api_client.go index 141249ffe82..c06cb2422a7 100644 --- a/service/rdsdata/api_client.go +++ b/service/rdsdata/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/redshift/api_client.go b/service/redshift/api_client.go index c7910614187..b616ce9be99 100644 --- a/service/redshift/api_client.go +++ b/service/redshift/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/redshiftdata/api_client.go b/service/redshiftdata/api_client.go index 24e7e2e36a1..b7dfb999267 100644 --- a/service/redshiftdata/api_client.go +++ b/service/redshiftdata/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/redshiftserverless/api_client.go b/service/redshiftserverless/api_client.go index bb6b48732a6..cae72132512 100644 --- a/service/redshiftserverless/api_client.go +++ b/service/redshiftserverless/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/rekognition/api_client.go b/service/rekognition/api_client.go index 14b7ee668ba..b0dc893cad6 100644 --- a/service/rekognition/api_client.go +++ b/service/rekognition/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/repostspace/api_client.go b/service/repostspace/api_client.go index f7b874d8879..34235db36b3 100644 --- a/service/repostspace/api_client.go +++ b/service/repostspace/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/resiliencehub/api_client.go b/service/resiliencehub/api_client.go index 7bfd2d3fe39..f74465472e8 100644 --- a/service/resiliencehub/api_client.go +++ b/service/resiliencehub/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/resourceexplorer2/api_client.go b/service/resourceexplorer2/api_client.go index 027f155c694..ec53d346882 100644 --- a/service/resourceexplorer2/api_client.go +++ b/service/resourceexplorer2/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/resourcegroups/api_client.go b/service/resourcegroups/api_client.go index 34c890189ae..cff35f9ae64 100644 --- a/service/resourcegroups/api_client.go +++ b/service/resourcegroups/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/resourcegroupstaggingapi/api_client.go b/service/resourcegroupstaggingapi/api_client.go index c42fccddcd1..a223be68057 100644 --- a/service/resourcegroupstaggingapi/api_client.go +++ b/service/resourcegroupstaggingapi/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/robomaker/api_client.go b/service/robomaker/api_client.go index ab2da240fc1..10f5b3864fe 100644 --- a/service/robomaker/api_client.go +++ b/service/robomaker/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/rolesanywhere/api_client.go b/service/rolesanywhere/api_client.go index 25844ef69c1..9f83cd34583 100644 --- a/service/rolesanywhere/api_client.go +++ b/service/rolesanywhere/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/route53/api_client.go b/service/route53/api_client.go index 1eaa83d3d79..64e24f01557 100644 --- a/service/route53/api_client.go +++ b/service/route53/api_client.go @@ -17,6 +17,7 @@ import ( internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" route53cust "github.com/aws/aws-sdk-go-v2/service/route53/internal/customizations" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -238,15 +239,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -493,6 +495,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -504,6 +518,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/route53domains/api_client.go b/service/route53domains/api_client.go index ba9c1c128d3..7a911de82ab 100644 --- a/service/route53domains/api_client.go +++ b/service/route53domains/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/route53profiles/api_client.go b/service/route53profiles/api_client.go index 821c3fa8031..697a79df5d8 100644 --- a/service/route53profiles/api_client.go +++ b/service/route53profiles/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/route53profiles/auth.go b/service/route53profiles/auth.go index a10c1f61d42..3e15c96bdfc 100644 --- a/service/route53profiles/auth.go +++ b/service/route53profiles/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/route53profiles/endpoints.go b/service/route53profiles/endpoints.go index c190c37da69..6a77d1a6d60 100644 --- a/service/route53profiles/endpoints.go +++ b/service/route53profiles/endpoints.go @@ -446,7 +446,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = bindRegion(options.Region) @@ -476,6 +476,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -485,7 +489,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/route53profiles/options.go b/service/route53profiles/options.go index ef578ea0a5e..70cd23f9d02 100644 --- a/service/route53profiles/options.go +++ b/service/route53profiles/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/route53recoverycluster/api_client.go b/service/route53recoverycluster/api_client.go index 7cbedb1cb70..fbfa2c882c5 100644 --- a/service/route53recoverycluster/api_client.go +++ b/service/route53recoverycluster/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/route53recoverycontrolconfig/api_client.go b/service/route53recoverycontrolconfig/api_client.go index adfeb6f2f3a..e1d2fb46057 100644 --- a/service/route53recoverycontrolconfig/api_client.go +++ b/service/route53recoverycontrolconfig/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/route53recoveryreadiness/api_client.go b/service/route53recoveryreadiness/api_client.go index d0a48070b11..117aed63169 100644 --- a/service/route53recoveryreadiness/api_client.go +++ b/service/route53recoveryreadiness/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/route53resolver/api_client.go b/service/route53resolver/api_client.go index b0ddec1d424..4382cc1c86f 100644 --- a/service/route53resolver/api_client.go +++ b/service/route53resolver/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/rum/api_client.go b/service/rum/api_client.go index 15874a679ab..ecfd39fee09 100644 --- a/service/rum/api_client.go +++ b/service/rum/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/s3/api_client.go b/service/s3/api_client.go index b3cdd690e56..27e934991a8 100644 --- a/service/s3/api_client.go +++ b/service/s3/api_client.go @@ -23,6 +23,7 @@ import ( s3sharedconfig "github.com/aws/aws-sdk-go-v2/service/internal/s3shared/config" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -266,15 +267,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -555,6 +557,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + type httpSignerV4a interface { SignHTTP(ctx context.Context, credentials v4a.Credentials, r *http.Request, payloadHash, service string, regionSet []string, signingTime time.Time, @@ -586,6 +600,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addMetadataRetrieverMiddleware(stack *middleware.Stack) error { return s3shared.AddMetadataRetrieverMiddleware(stack) } diff --git a/service/s3control/api_client.go b/service/s3control/api_client.go index 60b6631a1d1..b647b2f5fad 100644 --- a/service/s3control/api_client.go +++ b/service/s3control/api_client.go @@ -19,6 +19,7 @@ import ( "github.com/aws/aws-sdk-go-v2/service/internal/s3shared" s3sharedconfig "github.com/aws/aws-sdk-go-v2/service/internal/s3shared/config" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -242,15 +243,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -520,6 +522,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -531,6 +545,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/s3outposts/api_client.go b/service/s3outposts/api_client.go index 590b2082bbf..c868b6268ad 100644 --- a/service/s3outposts/api_client.go +++ b/service/s3outposts/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/sagemaker/api_client.go b/service/sagemaker/api_client.go index 825e1f1bfde..bc6fb60db60 100644 --- a/service/sagemaker/api_client.go +++ b/service/sagemaker/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/sagemakera2iruntime/api_client.go b/service/sagemakera2iruntime/api_client.go index 75490e6f52d..7ebaeb52653 100644 --- a/service/sagemakera2iruntime/api_client.go +++ b/service/sagemakera2iruntime/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/sagemakeredge/api_client.go b/service/sagemakeredge/api_client.go index 991d299b81d..7bf4f760da6 100644 --- a/service/sagemakeredge/api_client.go +++ b/service/sagemakeredge/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/sagemakerfeaturestoreruntime/api_client.go b/service/sagemakerfeaturestoreruntime/api_client.go index e55356ca436..4ef3c491452 100644 --- a/service/sagemakerfeaturestoreruntime/api_client.go +++ b/service/sagemakerfeaturestoreruntime/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/sagemakergeospatial/api_client.go b/service/sagemakergeospatial/api_client.go index 9b1180ada1f..4098f623213 100644 --- a/service/sagemakergeospatial/api_client.go +++ b/service/sagemakergeospatial/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/sagemakermetrics/api_client.go b/service/sagemakermetrics/api_client.go index 6dcb99f80f7..22a4800cda3 100644 --- a/service/sagemakermetrics/api_client.go +++ b/service/sagemakermetrics/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/sagemakerruntime/api_client.go b/service/sagemakerruntime/api_client.go index 75fbd1a0b18..0e88b392390 100644 --- a/service/sagemakerruntime/api_client.go +++ b/service/sagemakerruntime/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -239,15 +240,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -494,6 +496,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -505,6 +519,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/savingsplans/api_client.go b/service/savingsplans/api_client.go index d5647383f44..564cd69f420 100644 --- a/service/savingsplans/api_client.go +++ b/service/savingsplans/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/scheduler/api_client.go b/service/scheduler/api_client.go index 3efc43d27e4..79edc96a4a6 100644 --- a/service/scheduler/api_client.go +++ b/service/scheduler/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/schemas/api_client.go b/service/schemas/api_client.go index 9752765c1de..0cc8aaa3d0f 100644 --- a/service/schemas/api_client.go +++ b/service/schemas/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/secretsmanager/api_client.go b/service/secretsmanager/api_client.go index 6b0df225332..15aa164d307 100644 --- a/service/secretsmanager/api_client.go +++ b/service/secretsmanager/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/securityhub/api_client.go b/service/securityhub/api_client.go index 96008355700..9335b48861e 100644 --- a/service/securityhub/api_client.go +++ b/service/securityhub/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/securitylake/api_client.go b/service/securitylake/api_client.go index 207907ab741..2930deadfbe 100644 --- a/service/securitylake/api_client.go +++ b/service/securitylake/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/serverlessapplicationrepository/api_client.go b/service/serverlessapplicationrepository/api_client.go index cd4c4775ce9..a3365fb69f0 100644 --- a/service/serverlessapplicationrepository/api_client.go +++ b/service/serverlessapplicationrepository/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/servicecatalog/api_client.go b/service/servicecatalog/api_client.go index a5adf592430..c3d2f0ba6ab 100644 --- a/service/servicecatalog/api_client.go +++ b/service/servicecatalog/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/servicecatalogappregistry/api_client.go b/service/servicecatalogappregistry/api_client.go index c28be2aaa06..94fd4e62b54 100644 --- a/service/servicecatalogappregistry/api_client.go +++ b/service/servicecatalogappregistry/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/servicediscovery/api_client.go b/service/servicediscovery/api_client.go index 42b4693f447..098f510a9d5 100644 --- a/service/servicediscovery/api_client.go +++ b/service/servicediscovery/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/servicequotas/api_client.go b/service/servicequotas/api_client.go index 54d7f07dcb4..557ad6c1210 100644 --- a/service/servicequotas/api_client.go +++ b/service/servicequotas/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/ses/api_client.go b/service/ses/api_client.go index a0b7bea5058..afdbd47b57d 100644 --- a/service/ses/api_client.go +++ b/service/ses/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/sesv2/api_client.go b/service/sesv2/api_client.go index 555cce031c3..5b3f9f1d56b 100644 --- a/service/sesv2/api_client.go +++ b/service/sesv2/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/sfn/api_client.go b/service/sfn/api_client.go index 7148a06dcd5..937c9b2dc4d 100644 --- a/service/sfn/api_client.go +++ b/service/sfn/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/shield/api_client.go b/service/shield/api_client.go index bbd4fd6deb4..a868be812b1 100644 --- a/service/shield/api_client.go +++ b/service/shield/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/signer/api_client.go b/service/signer/api_client.go index 14a5cafb2af..d7c11b1aaa7 100644 --- a/service/signer/api_client.go +++ b/service/signer/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/simspaceweaver/api_client.go b/service/simspaceweaver/api_client.go index 6f2159844b3..a6e8af19997 100644 --- a/service/simspaceweaver/api_client.go +++ b/service/simspaceweaver/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/sms/api_client.go b/service/sms/api_client.go index 8d98da77ce4..7f02d4e74c0 100644 --- a/service/sms/api_client.go +++ b/service/sms/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/snowball/api_client.go b/service/snowball/api_client.go index 577dff16785..fb640279552 100644 --- a/service/snowball/api_client.go +++ b/service/snowball/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/snowdevicemanagement/api_client.go b/service/snowdevicemanagement/api_client.go index 8f94192a83e..cf68888c6d6 100644 --- a/service/snowdevicemanagement/api_client.go +++ b/service/snowdevicemanagement/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/sns/api_client.go b/service/sns/api_client.go index beac908c428..2c485d6de6e 100644 --- a/service/sns/api_client.go +++ b/service/sns/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/sqs/api_client.go b/service/sqs/api_client.go index 80b40bb0c9e..e84506af9aa 100644 --- a/service/sqs/api_client.go +++ b/service/sqs/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/ssm/api_client.go b/service/ssm/api_client.go index 9e64ef18ab4..d3920b34194 100644 --- a/service/ssm/api_client.go +++ b/service/ssm/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/ssmcontacts/api_client.go b/service/ssmcontacts/api_client.go index 6609d75047b..9f978decd25 100644 --- a/service/ssmcontacts/api_client.go +++ b/service/ssmcontacts/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/ssmincidents/api_client.go b/service/ssmincidents/api_client.go index fa7a1412d43..6a71ac418ee 100644 --- a/service/ssmincidents/api_client.go +++ b/service/ssmincidents/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/ssmsap/api_client.go b/service/ssmsap/api_client.go index 8bb78bb4686..567b0fe7b6e 100644 --- a/service/ssmsap/api_client.go +++ b/service/ssmsap/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/sso/api_client.go b/service/sso/api_client.go index 34f19ded2df..b4c27a3a21d 100644 --- a/service/sso/api_client.go +++ b/service/sso/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/ssoadmin/api_client.go b/service/ssoadmin/api_client.go index efe136f44e6..4a8b3788ea6 100644 --- a/service/ssoadmin/api_client.go +++ b/service/ssoadmin/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/ssooidc/api_client.go b/service/ssooidc/api_client.go index bfd5c68c4dd..ed357ecdd96 100644 --- a/service/ssooidc/api_client.go +++ b/service/ssooidc/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/storagegateway/api_client.go b/service/storagegateway/api_client.go index 15667604f25..340b9b3a32e 100644 --- a/service/storagegateway/api_client.go +++ b/service/storagegateway/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/sts/api_client.go b/service/sts/api_client.go index b281ba293f3..25e652330ef 100644 --- a/service/sts/api_client.go +++ b/service/sts/api_client.go @@ -19,6 +19,7 @@ import ( acceptencodingcust "github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding" presignedurlcust "github.com/aws/aws-sdk-go-v2/service/internal/presigned-url" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -495,6 +497,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -506,6 +520,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/supplychain/api_client.go b/service/supplychain/api_client.go index 13de32d1926..4f81bd2016b 100644 --- a/service/supplychain/api_client.go +++ b/service/supplychain/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/support/api_client.go b/service/support/api_client.go index 67e8d823480..2bd1e05ee13 100644 --- a/service/support/api_client.go +++ b/service/support/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/supportapp/api_client.go b/service/supportapp/api_client.go index 7a507cc773b..b9b422bd5a7 100644 --- a/service/supportapp/api_client.go +++ b/service/supportapp/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/swf/api_client.go b/service/swf/api_client.go index 7442bd0605e..d5b2159cf6e 100644 --- a/service/swf/api_client.go +++ b/service/swf/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/synthetics/api_client.go b/service/synthetics/api_client.go index dfa0d9359b4..483b4073032 100644 --- a/service/synthetics/api_client.go +++ b/service/synthetics/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/taxsettings/api_client.go b/service/taxsettings/api_client.go index 743d268fe30..26d6b056406 100644 --- a/service/taxsettings/api_client.go +++ b/service/taxsettings/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/taxsettings/auth.go b/service/taxsettings/auth.go index 59aafbdac2c..3382c492f30 100644 --- a/service/taxsettings/auth.go +++ b/service/taxsettings/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/taxsettings/endpoints.go b/service/taxsettings/endpoints.go index 0acd97587ce..cb2d7c96e1a 100644 --- a/service/taxsettings/endpoints.go +++ b/service/taxsettings/endpoints.go @@ -446,7 +446,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = bindRegion(options.Region) @@ -476,6 +476,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -485,7 +489,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/taxsettings/options.go b/service/taxsettings/options.go index a17bfef8bb3..1675ee5d581 100644 --- a/service/taxsettings/options.go +++ b/service/taxsettings/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/textract/api_client.go b/service/textract/api_client.go index 0b9173e7672..cc064d26120 100644 --- a/service/textract/api_client.go +++ b/service/textract/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/timestreaminfluxdb/api_client.go b/service/timestreaminfluxdb/api_client.go index deaef2e109d..98168149159 100644 --- a/service/timestreaminfluxdb/api_client.go +++ b/service/timestreaminfluxdb/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/timestreaminfluxdb/auth.go b/service/timestreaminfluxdb/auth.go index a886eb6e28f..97b7986b876 100644 --- a/service/timestreaminfluxdb/auth.go +++ b/service/timestreaminfluxdb/auth.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { +func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { params.Region = options.Region } @@ -90,12 +90,12 @@ type AuthResolverParameters struct { Region string } -func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { +func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { params := &AuthResolverParameters{ Operation: operation, } - bindAuthParamsRegion(params, input, options) + bindAuthParamsRegion(ctx, params, input, options) return params } @@ -145,7 +145,7 @@ func (*resolveAuthSchemeMiddleware) ID() string { func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) if err != nil { return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) diff --git a/service/timestreaminfluxdb/endpoints.go b/service/timestreaminfluxdb/endpoints.go index d454b3d544d..2f63838ef1d 100644 --- a/service/timestreaminfluxdb/endpoints.go +++ b/service/timestreaminfluxdb/endpoints.go @@ -446,7 +446,7 @@ type endpointParamsBinder interface { bindEndpointParams(*EndpointParameters) } -func bindEndpointParams(input interface{}, options Options) *EndpointParameters { +func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { params := &EndpointParameters{} params.Region = bindRegion(options.Region) @@ -476,6 +476,10 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return next.HandleFinalize(ctx, in) } + if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil { + return out, metadata, fmt.Errorf("invalid accountID set: %w", err) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) @@ -485,7 +489,7 @@ func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in mid return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") } - params := bindEndpointParams(getOperationInput(ctx), m.options) + params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) if err != nil { return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) diff --git a/service/timestreaminfluxdb/options.go b/service/timestreaminfluxdb/options.go index 0444badf2ec..50da67e6c56 100644 --- a/service/timestreaminfluxdb/options.go +++ b/service/timestreaminfluxdb/options.go @@ -24,6 +24,9 @@ type Options struct { // modify this list for per operation behavior. APIOptions []func(*middleware.Stack) error + // Indicates how aws account ID is applied in endpoint2.0 routing + AccountIDEndpointMode aws.AccountIDEndpointMode + // The optional application specific identifier appended to the User-Agent header. AppID string diff --git a/service/timestreamquery/api_client.go b/service/timestreamquery/api_client.go index 9f8efde3579..165ea87ccc3 100644 --- a/service/timestreamquery/api_client.go +++ b/service/timestreamquery/api_client.go @@ -18,6 +18,7 @@ import ( internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" internalEndpointDiscovery "github.com/aws/aws-sdk-go-v2/service/internal/endpoint-discovery" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -251,15 +252,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -610,6 +612,18 @@ func (c *Client) handleEndpointDiscoveryFromService(ctx context.Context, input * return endpoint, nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -621,6 +635,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/timestreamwrite/api_client.go b/service/timestreamwrite/api_client.go index 6376b5ff3a7..c5603471ed8 100644 --- a/service/timestreamwrite/api_client.go +++ b/service/timestreamwrite/api_client.go @@ -18,6 +18,7 @@ import ( internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" internalEndpointDiscovery "github.com/aws/aws-sdk-go-v2/service/internal/endpoint-discovery" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -251,15 +252,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -610,6 +612,18 @@ func (c *Client) handleEndpointDiscoveryFromService(ctx context.Context, input * return endpoint, nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -621,6 +635,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/tnb/api_client.go b/service/tnb/api_client.go index 4530595509a..81cc2ab7f24 100644 --- a/service/tnb/api_client.go +++ b/service/tnb/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/transcribe/api_client.go b/service/transcribe/api_client.go index 4492e65cc1b..5c38864932e 100644 --- a/service/transcribe/api_client.go +++ b/service/transcribe/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/transcribestreaming/api_client.go b/service/transcribestreaming/api_client.go index d5f7b16577b..1c57ac2f334 100644 --- a/service/transcribestreaming/api_client.go +++ b/service/transcribestreaming/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -239,15 +240,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -494,6 +496,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -505,6 +519,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/transfer/api_client.go b/service/transfer/api_client.go index ed702b7c9dc..2a475802e74 100644 --- a/service/transfer/api_client.go +++ b/service/transfer/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/translate/api_client.go b/service/translate/api_client.go index 3b74aa0b0f6..be249b118e1 100644 --- a/service/translate/api_client.go +++ b/service/translate/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/trustedadvisor/api_client.go b/service/trustedadvisor/api_client.go index fd9063b1772..e4d45313017 100644 --- a/service/trustedadvisor/api_client.go +++ b/service/trustedadvisor/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/verifiedpermissions/api_client.go b/service/verifiedpermissions/api_client.go index 10f2279c254..72aed84e552 100644 --- a/service/verifiedpermissions/api_client.go +++ b/service/verifiedpermissions/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/voiceid/api_client.go b/service/voiceid/api_client.go index 8ed88fe8a5e..84d283cbdc2 100644 --- a/service/voiceid/api_client.go +++ b/service/voiceid/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/vpclattice/api_client.go b/service/vpclattice/api_client.go index 89df9c44308..aee9fbdb11e 100644 --- a/service/vpclattice/api_client.go +++ b/service/vpclattice/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/waf/api_client.go b/service/waf/api_client.go index 43acb17cffc..fcec9faf571 100644 --- a/service/waf/api_client.go +++ b/service/waf/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/wafregional/api_client.go b/service/wafregional/api_client.go index 156a16c3f58..552db37e935 100644 --- a/service/wafregional/api_client.go +++ b/service/wafregional/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/wafv2/api_client.go b/service/wafv2/api_client.go index bb1877789f7..5c6169cbfb6 100644 --- a/service/wafv2/api_client.go +++ b/service/wafv2/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/wellarchitected/api_client.go b/service/wellarchitected/api_client.go index 978eb64dab0..0490ee02659 100644 --- a/service/wellarchitected/api_client.go +++ b/service/wellarchitected/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/wisdom/api_client.go b/service/wisdom/api_client.go index ac9e8d93eea..60dac918f83 100644 --- a/service/wisdom/api_client.go +++ b/service/wisdom/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/workdocs/api_client.go b/service/workdocs/api_client.go index b09c850aab9..438b562ee5c 100644 --- a/service/workdocs/api_client.go +++ b/service/workdocs/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/worklink/api_client.go b/service/worklink/api_client.go index 6efc3298ee1..9415801ba69 100644 --- a/service/worklink/api_client.go +++ b/service/worklink/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/workmail/api_client.go b/service/workmail/api_client.go index cd6ee62dcfb..0160c431b70 100644 --- a/service/workmail/api_client.go +++ b/service/workmail/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -240,15 +241,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -502,6 +504,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -513,6 +527,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/workmailmessageflow/api_client.go b/service/workmailmessageflow/api_client.go index 1a28325acf6..fa63e2db47a 100644 --- a/service/workmailmessageflow/api_client.go +++ b/service/workmailmessageflow/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -237,15 +238,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -492,6 +494,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -503,6 +517,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/workspaces/api_client.go b/service/workspaces/api_client.go index 265495ef2cd..726c9d5b7d3 100644 --- a/service/workspaces/api_client.go +++ b/service/workspaces/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } diff --git a/service/workspacesthinclient/api_client.go b/service/workspacesthinclient/api_client.go index 94e64c553f5..bb506dd91be 100644 --- a/service/workspacesthinclient/api_client.go +++ b/service/workspacesthinclient/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/workspacesweb/api_client.go b/service/workspacesweb/api_client.go index 69c23f3dfe9..3639e505931 100644 --- a/service/workspacesweb/api_client.go +++ b/service/workspacesweb/api_client.go @@ -17,6 +17,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -241,15 +242,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -503,6 +505,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -514,6 +528,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + // IdempotencyTokenProvider interface for providing idempotency token type IdempotencyTokenProvider interface { GetIdempotencyToken() (string, error) diff --git a/service/xray/api_client.go b/service/xray/api_client.go index 38560eab6bf..1646d7d6c81 100644 --- a/service/xray/api_client.go +++ b/service/xray/api_client.go @@ -16,6 +16,7 @@ import ( internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" @@ -236,15 +237,16 @@ func setResolvedDefaultsMode(o *Options) { // NewFromConfig returns a new client from the provided config. func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, + Region: cfg.Region, + DefaultsMode: cfg.DefaultsMode, + RuntimeEnvironment: cfg.RuntimeEnvironment, + HTTPClient: cfg.HTTPClient, + Credentials: cfg.Credentials, + APIOptions: cfg.APIOptions, + Logger: cfg.Logger, + ClientLogMode: cfg.ClientLogMode, + AppID: cfg.AppID, + AccountIDEndpointMode: cfg.AccountIDEndpointMode, } resolveAWSRetryerProvider(cfg, &opts) resolveAWSRetryMaxAttempts(cfg, &opts) @@ -491,6 +493,18 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { return nil } +func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { + if mode == aws.AccountIDEndpointModeDisabled { + return nil + } + + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { + return aws.String(ca.Credentials.AccountID) + } + + return nil +} + func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} if err := stack.Build.Add(&mw, middleware.After); err != nil { @@ -502,6 +516,25 @@ func initializeTimeOffsetResolver(c *Client) { c.timeOffset = new(atomic.Int64) } +func checkAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) error { + switch mode { + case aws.AccountIDEndpointModeUnset: + case aws.AccountIDEndpointModePreferred: + case aws.AccountIDEndpointModeDisabled: + case aws.AccountIDEndpointModeRequired: + if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); !ok { + return fmt.Errorf("accountID is required but not set") + } else if ca.Credentials.AccountID == "" { + return fmt.Errorf("accountID is required but not set") + } + // default check in case invalid mode is configured through request config + default: + return fmt.Errorf("invalid accountID endpoint mode %s, must be preferred/required/disabled", mode) + } + + return nil +} + func addRecursionDetection(stack *middleware.Stack) error { return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) } From 3133994bcb30e4ee3342eb900b0559e2919f696e Mon Sep 17 00:00:00 2001 From: Luc Talatinian Date: Mon, 17 Jun 2024 11:54:41 -0400 Subject: [PATCH 20/20] fix changelog --- .changelog/783a73b97a9843d991c055e06537c43c.json | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/.changelog/783a73b97a9843d991c055e06537c43c.json b/.changelog/783a73b97a9843d991c055e06537c43c.json index 97b3a0641d6..e5738bc006e 100644 --- a/.changelog/783a73b97a9843d991c055e06537c43c.json +++ b/.changelog/783a73b97a9843d991c055e06537c43c.json @@ -1,9 +1,8 @@ { "id": "783a73b9-7a98-43d9-91c0-55e06537c43c", "type": "feature", - "collapse": true, - "description": "regenerate clients with accoundid endpoint codegen", + "description": "Support accountID-based endpoint routing.", "modules": [ "." ] -} \ No newline at end of file +}